From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id D4D5843A39; Thu, 1 Feb 2024 12:46:00 +0100 (CET) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 76FF040299; Thu, 1 Feb 2024 12:46:00 +0100 (CET) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mails.dpdk.org (Postfix) with ESMTP id 634034021D for ; Thu, 1 Feb 2024 12:45:58 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1706787957; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=yORWfHq1w3fRurFQsHkWG6R4AOtDXlD2tI42yLmkYoU=; b=Le3rk5kKQg0VL36tIjYH7zm8avWqEr1PqomziJ8/3bc73/rb3VnLz1+P15mdp8QjrXINkD cURONKHp+4NWq9qMIGo8ZNnu1bCDc9xGtoTMZ5cFoxTOtiX9Tvh3eDcIFn6w4ZnY13T3UZ lIZsA8hRj+p3yjJSCRMXNc7mTdxVptk= Received: from mail-lf1-f70.google.com (mail-lf1-f70.google.com [209.85.167.70]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-27-PO7evZgaO1q20ueHlZVwWA-1; Thu, 01 Feb 2024 06:45:56 -0500 X-MC-Unique: PO7evZgaO1q20ueHlZVwWA-1 Received: by mail-lf1-f70.google.com with SMTP id 2adb3069b0e04-5101af0a385so621734e87.2 for ; Thu, 01 Feb 2024 03:45:56 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706787955; x=1707392755; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=yORWfHq1w3fRurFQsHkWG6R4AOtDXlD2tI42yLmkYoU=; b=vmOkWig3ymtvRjeKQHfiELUbEPjgPliv++nVv43EVepxjHVtvJoI3BMJ83R4LQa/Ez 6Zhb8b7DV6iT4HwfNYb0HLiHnSR7Fenkb36CM/DxnJovc3xn4bVrhPkX0poCGCXt/jSr Ldidm9qOfqtkpAcAxAqUAQ0/rY6xy5mXqgMLHreXNaIaO3NwyXa4hPBSduF0sQK1FmJu 2vpUyNJTSdK33Nn3J2NcWltoePpZWPOCGOLUHj2TzfN4u5R/4DVAymekAvLbKJvjr+ac Munb1Rasjox0TcxIKoq2RCL8ZrtV6hD0Te5cr7No+nwlP51QOsFfPJ8qcZCCCk7lsEqH Q7wQ== X-Gm-Message-State: AOJu0YzjZUPxvTuVkxOzCRUPHKDTqqI54atvtcohhkEfpuuwDg7amAli DJBfcYhfFZyPTc8fSnhMz/D4OqidwwOsJBgrxaqKs0csBCSRAOHi6QLPM/Sis2YhknOTnjAPABr 7NFtn+SBz8D7v++vMmaPwgcHRCO1lbkTheMMFYvE56LIHljq5ViHjyWjBz3zGASR3HnRYbvZvMX A0SHaV2z71mZSIbfo= X-Received: by 2002:a05:6512:3b07:b0:510:cfe:39ec with SMTP id f7-20020a0565123b0700b005100cfe39ecmr1571490lfv.8.1706787955252; Thu, 01 Feb 2024 03:45:55 -0800 (PST) X-Google-Smtp-Source: AGHT+IGVf6+7v4rFk/9jGVE8EzGJnutC2z1uSPiBads8lLyDuWHpF8L/tGchAaCh9WYZ+E1oANxmTkWS2MKrXR0By5k= X-Received: by 2002:a05:6512:3b07:b0:510:cfe:39ec with SMTP id f7-20020a0565123b0700b005100cfe39ecmr1571476lfv.8.1706787954885; Thu, 01 Feb 2024 03:45:54 -0800 (PST) MIME-Version: 1.0 References: <1691011261-5666-1-git-send-email-roretzla@linux.microsoft.com> <35199239-fac5-f7f2-6f80-5070b016d7d6@huawei.com> <20230808175937.GA13736@linuxonhyperv3.guj3yctzbm1etfxqx2vob5hsef.xx.internal.cloudapp.net> In-Reply-To: From: David Marchand Date: Thu, 1 Feb 2024 12:45:43 +0100 Message-ID: Subject: Re: [PATCH] telemetry: avoid truncation of strlcpy return before check To: Bruce Richardson , Tyler Retzlaff Cc: "lihuisong (C)" , dev@dpdk.org, Ciara Power X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org On Tue, Aug 8, 2023 at 8:35=E2=80=AFPM Bruce Richardson wrote: > > On Tue, Aug 08, 2023 at 10:59:37AM -0700, Tyler Retzlaff wrote: > > On Tue, Aug 08, 2023 at 10:24:41AM +0800, lihuisong (C) wrote: > > > > > > =E5=9C=A8 2023/8/3 5:21, Tyler Retzlaff =E5=86=99=E9=81=93: > > > >strlcpy returns type size_t when directly assigning to > > > >struct rte_tel_data data_len field it may be truncated leading to > > > >compromised length check that follows > > > > > > > >Since the limit in the check is < UINT_MAX the value returned is > > > >safe to be cast to unsigned int (which may be narrower than size_t) > > > >but only after being checked against RTE_TEL_MAX_SINGLE_STRING_LEN > > > > > > > >Signed-off-by: Tyler Retzlaff > > > >--- > > > > lib/telemetry/telemetry_data.c | 5 +++-- > > > > 1 file changed, 3 insertions(+), 2 deletions(-) > > > > > > > >diff --git a/lib/telemetry/telemetry_data.c b/lib/telemetry/telemetr= y_data.c > > > >index 3b1a240..52307cb 100644 > > > >--- a/lib/telemetry/telemetry_data.c > > > >+++ b/lib/telemetry/telemetry_data.c > > > >@@ -41,12 +41,13 @@ > > > > int > > > > rte_tel_data_string(struct rte_tel_data *d, const char *str) > > > > { > > > >+ const size_t len =3D strlcpy(d->data.str, str, sizeof(d->data.str= )); > > > sizeof(d->data.str) is equal to RTE_TEL_MAX_SINGLE_STRING_LEN(8192). > > > So It seems that this truncation probably will not happen. > > > > agreed, regardless the data type choices permit a size that exceeds the > > range of the narrower type and the assignment results in a warning bein= g > > generated on some targets. that's why the truncating cast is safe to > > add. > > > > none of this would be necessary if data_len had been appropriately type= d > > as size_t. Bruce should we be changing the type instead since we are i= n > > 23.11 merge window...? > > > I'm fine either way, to be honest. Can we conclude? struct rte_tel_data seems internal (at least opaque from an application pov), so I suppose the option of changing data_len to size_t is still on the table. And we are missing a Fixes: tag too. Thanks. --=20 David Marchand