From: Olivier MATZ
Date: Fri, 05 Dec 2014 15:16:06 +0100
To: Alan Carew, dev@dpdk.org
Subject: Re: [dpdk-dev] [PATCH v2] librte_cmdline: FreeBSD Fix oveflow when size of command result structure is greater than BUFSIZ
Message-ID: <5481BE26.9080903@6wind.com>
In-Reply-To: <1415611146-32368-1-git-send-email-alan.carew@intel.com>

Hi Alan,

On 11/10/2014 10:19 AM, Alan Carew wrote:
> When using test-pmd with flow director in FreeBSD, the application will
> segfault/Bus error while parsing the command-line. This is due to how
> each command's result structure is represented during parsing, where the offsets
> for each token's value are stored in a character array (char result_buf[BUFSIZ])
> in cmdline_parse() (./lib/librte_cmdline/cmdline_parse.c).
>
> The overflow occurs where BUFSIZ is less than the size of a command's result
> structure, in this case "struct cmd_pkt_filter_result"
> (app/test-pmd/cmdline.c) is 1088 bytes and BUFSIZ on FreeBSD is 1024 bytes as
> opposed to 8192 bytes on Linux.
>
> The problem can be reproduced by running test-pmd on FreeBSD:
> ./testpmd -c 0x3 -n 4 -- -i --portmask=0x3 --pkt-filter-mode=perfect
> And adding a filter:
> add_perfect_filter 0 udp src 192.168.0.0 1024 dst 192.168.0.0 1024 flexbytes
> 0x800 vlan 0 queue 0 soft 0x17
>
> This patch removes the OS dependency on BUFSIZ and defines and uses a
> library #define CMDLINE_PARSE_RESULT_BUFSIZE 8192
>
> Added boundary checking to ensure this buffer size cannot overflow, with
> an error message being produced.
>
> Suggested-by: Olivier MATZ
> http://git.droids-corp.org/?p=libcmdline.git;a=commitdiff;h=b1d5b169352e57df3fc14c51ffad4b83f3e5613f
>
> Signed-off-by: Alan Carew

I think some checks are missing compared to the original patch.
The cmdline_parse_xxx() functions should be modified too.
Please see a v3 in my next email.

Regards,
Olivier
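
A minimal sketch of the boundary checking discussed in this thread, added here as an illustration and not taken from the DPDK patch or from libcmdline: the caller rejects a token offset that lies outside the result buffer, and the token parser is told how much room remains so it can refuse to write. All names (big_result, token, parse_u32, store_token, parse_queue_into) are hypothetical, and the padding is constructed to give the 1088-byte struct size quoted in the commit message.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
/* Constructed stand-in for a 1088-byte result struct; all names are hypothetical. */
struct big_result {
    char pad[1084];
    uint32_t queue;   /* last field, stored past byte 1024 */
};
struct token {
    size_t offset;    /* offsetof() the field inside the result struct */
    int (*parse)(const char *src, void *dst, size_t dst_size);
};

/* Token parser: refuses to store when fewer than 4 bytes remain at dst. */
static int parse_u32(const char *src, void *dst, size_t dst_size)
{
    char *end;
    unsigned long v;
    uint32_t out;
    if (dst_size < sizeof(out))
        return -1;
    errno = 0;
    v = strtoul(src, &end, 0);
    if (errno || end == src || *end != '\0' || v > UINT32_MAX)
        return -1;
    out = (uint32_t)v;
    memcpy(dst, &out, sizeof(out));
    return 0;
}

/* Caller side: reject offsets outside the buffer, pass the remaining room on. */
static int store_token(const struct token *t, const char *src, char *buf, size_t size)
{
    if (t->offset > size)
        return -1;
    return t->parse(src, buf + t->offset, size - t->offset);
}

/* Returns 0 when the "queue" token fits a result buffer of resbuf_size bytes, else -1. */
int parse_queue_into(size_t resbuf_size)
{
    struct token queue = { offsetof(struct big_result, queue), parse_u32 };
    char *buf = calloc(1, resbuf_size);
    int rc = buf ? store_token(&queue, "0", buf, resbuf_size) : -1;
    free(buf);
    return rc;
}
```

With a 1086-byte buffer the offset check alone passes (1084 is inside the buffer) and only the size check in the token parser stops the 4-byte store.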