* [dpdk-dev] [PATCH] examples/vhost: fix potential overflow in args process
@ 2021-04-19 5:44 Cheng Jiang
2021-04-26 8:24 ` [dpdk-dev] [dpdk-stable] " David Marchand
2021-04-27 3:14 ` [dpdk-dev] [PATCH v2] " Cheng Jiang
0 siblings, 2 replies; 6+ messages in thread
From: Cheng Jiang @ 2021-04-19 5:44 UTC (permalink / raw)
To: maxime.coquelin, chenbo.xia; +Cc: dev, Cheng Jiang, stable
Add args length check to fix potential overflow issue.
Coverity issue: 363741
Fixes: 965b06f0358 ("examples/vhost: enhance getopt_long usage")
Cc: stable@dpdk.org
Signed-off-by: Cheng Jiang <Cheng1.jiang@intel.com>
---
examples/vhost/main.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/examples/vhost/main.c b/examples/vhost/main.c
index 119ba7e01..5df36ad3c 100644
--- a/examples/vhost/main.c
+++ b/examples/vhost/main.c
@@ -669,6 +669,11 @@ us_vhost_parse_args(int argc, char **argv)
break;
case OPT_DMA_TYPE_NUM:
+ if (strlen(optarg) >= MAX_LONG_OPT_SZ) {
+ RTE_LOG(INFO, VHOST_CONFIG, "Wrong DMA type\n");
+ us_vhost_usage(prgname);
+ return -1;
+ }
strcpy(dma_type, optarg);
break;
--
2.29.2
^ permalink raw reply [flat|nested] 6+ messages in thread* Re: [dpdk-dev] [dpdk-stable] [PATCH] examples/vhost: fix potential overflow in args process 2021-04-19 5:44 [dpdk-dev] [PATCH] examples/vhost: fix potential overflow in args process Cheng Jiang @ 2021-04-26 8:24 ` David Marchand 2021-04-27 3:17 ` Jiang, Cheng1 2021-04-27 3:14 ` [dpdk-dev] [PATCH v2] " Cheng Jiang 1 sibling, 1 reply; 6+ messages in thread From: David Marchand @ 2021-04-26 8:24 UTC (permalink / raw) To: Cheng Jiang; +Cc: Maxime Coquelin, Xia, Chenbo, dev, dpdk stable On Mon, Apr 19, 2021 at 7:59 AM Cheng Jiang <Cheng1.jiang@intel.com> wrote: > > Add args length check to fix potential overflow issue. > > Coverity issue: 363741 > Fixes: 965b06f0358 ("examples/vhost: enhance getopt_long usage") > Cc: stable@dpdk.org No need for Cc: stable since this issue only affects the current release. > > Signed-off-by: Cheng Jiang <Cheng1.jiang@intel.com> It should indeed fix the coverity report but this limit does not make sense. Could you make dma_type point at either optarg (it should be fine as we only read this string)? Something like (untested): diff --git a/examples/vhost/main.c b/examples/vhost/main.c index 2ca7d98c58..158e5e9a8a 100644 --- a/examples/vhost/main.c +++ b/examples/vhost/main.c @@ -55,9 +55,6 @@ #define INVALID_PORT_ID 0xFF -/* Maximum long option length for option parsing. */ -#define MAX_LONG_OPT_SZ 64 - /* mask of enabled ports */ static uint32_t enabled_port_mask = 0; @@ -97,7 +94,7 @@ static int builtin_net_driver; static int async_vhost_driver; -static char dma_type[MAX_LONG_OPT_SZ]; +static char *dma_type; /* Specify timeout (in useconds) between retries on RX. */ static uint32_t burst_rx_delay_time = BURST_RX_WAIT_US; @@ -201,7 +198,7 @@ struct vhost_bufftable *vhost_txbuff[RTE_MAX_LCORE * MAX_VHOST_DEVICE]; static inline int open_dma(const char *value) { - if (strncmp(dma_type, "ioat", 4) == 0) + if (dma_type != NULL && strncmp(dma_type, "ioat", 4) == 0) return open_ioat(value); return -1; @@ -669,7 +666,7 @@ us_vhost_parse_args(int argc, char **argv) break; case OPT_DMA_TYPE_NUM: - strcpy(dma_type, optarg); + dma_type = optarg; break; case OPT_DMAS_NUM: @@ -1472,7 +1469,7 @@ new_device(int vid) struct rte_vhost_async_features f; struct rte_vhost_async_channel_ops channel_ops; - if (strncmp(dma_type, "ioat", 4) == 0) { + if (dma_type != NULL && strncmp(dma_type, "ioat", 4) == 0) { channel_ops.transfer_data = ioat_transfer_data_cb; channel_ops.check_completed_copies = ioat_check_completed_copies_cb; -- David Marchand ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [dpdk-dev] [dpdk-stable] [PATCH] examples/vhost: fix potential overflow in args process 2021-04-26 8:24 ` [dpdk-dev] [dpdk-stable] " David Marchand @ 2021-04-27 3:17 ` Jiang, Cheng1 0 siblings, 0 replies; 6+ messages in thread From: Jiang, Cheng1 @ 2021-04-27 3:17 UTC (permalink / raw) To: David Marchand; +Cc: Maxime Coquelin, Xia, Chenbo, dev, dpdk stable Hi, > -----Original Message----- > From: David Marchand <david.marchand@redhat.com> > Sent: Monday, April 26, 2021 4:25 PM > To: Jiang, Cheng1 <cheng1.jiang@intel.com> > Cc: Maxime Coquelin <maxime.coquelin@redhat.com>; Xia, Chenbo > <chenbo.xia@intel.com>; dev <dev@dpdk.org>; dpdk stable > <stable@dpdk.org> > Subject: Re: [dpdk-stable] [PATCH] examples/vhost: fix potential overflow in > args process > > On Mon, Apr 19, 2021 at 7:59 AM Cheng Jiang <Cheng1.jiang@intel.com> > wrote: > > > > Add args length check to fix potential overflow issue. > > > > Coverity issue: 363741 > > Fixes: 965b06f0358 ("examples/vhost: enhance getopt_long usage") > > Cc: stable@dpdk.org > > No need for Cc: stable since this issue only affects the current release. Sure, sorry about that. > > > > > Signed-off-by: Cheng Jiang <Cheng1.jiang@intel.com> > > It should indeed fix the coverity report but this limit does not make sense. > Could you make dma_type point at either optarg (it should be fine as > we only read this string)? > > Something like (untested): > > diff --git a/examples/vhost/main.c b/examples/vhost/main.c > index 2ca7d98c58..158e5e9a8a 100644 > --- a/examples/vhost/main.c > +++ b/examples/vhost/main.c > @@ -55,9 +55,6 @@ > > #define INVALID_PORT_ID 0xFF > > -/* Maximum long option length for option parsing. */ > -#define MAX_LONG_OPT_SZ 64 > - > /* mask of enabled ports */ > static uint32_t enabled_port_mask = 0; > > @@ -97,7 +94,7 @@ static int builtin_net_driver; > > static int async_vhost_driver; > > -static char dma_type[MAX_LONG_OPT_SZ]; > +static char *dma_type; > > /* Specify timeout (in useconds) between retries on RX. */ > static uint32_t burst_rx_delay_time = BURST_RX_WAIT_US; > @@ -201,7 +198,7 @@ struct vhost_bufftable > *vhost_txbuff[RTE_MAX_LCORE > * MAX_VHOST_DEVICE]; > static inline int > open_dma(const char *value) > { > - if (strncmp(dma_type, "ioat", 4) == 0) > + if (dma_type != NULL && strncmp(dma_type, "ioat", 4) == 0) > return open_ioat(value); > > return -1; > @@ -669,7 +666,7 @@ us_vhost_parse_args(int argc, char **argv) > break; > > case OPT_DMA_TYPE_NUM: > - strcpy(dma_type, optarg); > + dma_type = optarg; > break; > > case OPT_DMAS_NUM: > @@ -1472,7 +1469,7 @@ new_device(int vid) > struct rte_vhost_async_features f; > struct rte_vhost_async_channel_ops channel_ops; > > - if (strncmp(dma_type, "ioat", 4) == 0) { > + if (dma_type != NULL && strncmp(dma_type, "ioat", 4) == 0) { > channel_ops.transfer_data = ioat_transfer_data_cb; > channel_ops.check_completed_copies = > ioat_check_completed_copies_cb; > > > > -- > David Marchand I think that make sense. I'll send a new version according your comments. Thanks. Cheng ^ permalink raw reply [flat|nested] 6+ messages in thread
* [dpdk-dev] [PATCH v2] examples/vhost: fix potential overflow in args process 2021-04-19 5:44 [dpdk-dev] [PATCH] examples/vhost: fix potential overflow in args process Cheng Jiang 2021-04-26 8:24 ` [dpdk-dev] [dpdk-stable] " David Marchand @ 2021-04-27 3:14 ` Cheng Jiang 2021-05-03 14:01 ` Maxime Coquelin 2021-05-04 8:28 ` Maxime Coquelin 1 sibling, 2 replies; 6+ messages in thread From: Cheng Jiang @ 2021-04-27 3:14 UTC (permalink / raw) To: maxime.coquelin, chenbo.xia; +Cc: dev, david.marchand, Cheng Jiang Change the way passing args to fix potential overflow in args process. Coverity issue: 363741 Fixes: 965b06f0358 ("examples/vhost: enhance getopt_long usage") Signed-off-by: Cheng Jiang <Cheng1.jiang@intel.com> --- v2: * Change the way passing args * Change git log examples/vhost/main.c | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/examples/vhost/main.c b/examples/vhost/main.c index 119ba7e01..3e2e9a45c 100644 --- a/examples/vhost/main.c +++ b/examples/vhost/main.c @@ -55,9 +55,6 @@ #define INVALID_PORT_ID 0xFF -/* Maximum long option length for option parsing. */ -#define MAX_LONG_OPT_SZ 64 - /* mask of enabled ports */ static uint32_t enabled_port_mask = 0; @@ -97,7 +94,7 @@ static int builtin_net_driver; static int async_vhost_driver; -static char dma_type[MAX_LONG_OPT_SZ]; +static char *dma_type; /* Specify timeout (in useconds) between retries on RX. */ static uint32_t burst_rx_delay_time = BURST_RX_WAIT_US; @@ -201,7 +198,7 @@ struct vhost_bufftable *vhost_txbuff[RTE_MAX_LCORE * MAX_VHOST_DEVICE]; static inline int open_dma(const char *value) { - if (strncmp(dma_type, "ioat", 4) == 0) + if (dma_type != NULL && strncmp(dma_type, "ioat", 4) == 0) return open_ioat(value); return -1; @@ -669,7 +666,7 @@ us_vhost_parse_args(int argc, char **argv) break; case OPT_DMA_TYPE_NUM: - strcpy(dma_type, optarg); + dma_type = optarg; break; case OPT_DMAS_NUM: @@ -1472,7 +1469,7 @@ new_device(int vid) struct rte_vhost_async_features f; struct rte_vhost_async_channel_ops channel_ops; - if (strncmp(dma_type, "ioat", 4) == 0) { + if (dma_type != NULL && strncmp(dma_type, "ioat", 4) == 0) { channel_ops.transfer_data = ioat_transfer_data_cb; channel_ops.check_completed_copies = ioat_check_completed_copies_cb; -- 2.29.2 ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [dpdk-dev] [PATCH v2] examples/vhost: fix potential overflow in args process 2021-04-27 3:14 ` [dpdk-dev] [PATCH v2] " Cheng Jiang @ 2021-05-03 14:01 ` Maxime Coquelin 2021-05-04 8:28 ` Maxime Coquelin 1 sibling, 0 replies; 6+ messages in thread From: Maxime Coquelin @ 2021-05-03 14:01 UTC (permalink / raw) To: Cheng Jiang, chenbo.xia; +Cc: dev, david.marchand On 4/27/21 5:14 AM, Cheng Jiang wrote: > Change the way passing args to fix potential overflow in args process. > > Coverity issue: 363741 > Fixes: 965b06f0358 ("examples/vhost: enhance getopt_long usage") > > Signed-off-by: Cheng Jiang <Cheng1.jiang@intel.com> > --- > v2: > * Change the way passing args > * Change git log > > examples/vhost/main.c | 11 ++++------- > 1 file changed, 4 insertions(+), 7 deletions(-) > Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com> Thanks, Maxime ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [dpdk-dev] [PATCH v2] examples/vhost: fix potential overflow in args process 2021-04-27 3:14 ` [dpdk-dev] [PATCH v2] " Cheng Jiang 2021-05-03 14:01 ` Maxime Coquelin @ 2021-05-04 8:28 ` Maxime Coquelin 1 sibling, 0 replies; 6+ messages in thread From: Maxime Coquelin @ 2021-05-04 8:28 UTC (permalink / raw) To: Cheng Jiang, chenbo.xia; +Cc: dev, david.marchand On 4/27/21 5:14 AM, Cheng Jiang wrote: > Change the way passing args to fix potential overflow in args process. > > Coverity issue: 363741 > Fixes: 965b06f0358 ("examples/vhost: enhance getopt_long usage") > > Signed-off-by: Cheng Jiang <Cheng1.jiang@intel.com> > --- > v2: > * Change the way passing args > * Change git log > > examples/vhost/main.c | 11 ++++------- > 1 file changed, 4 insertions(+), 7 deletions(-) > Applied to dpdk-next-virtio/main. Thanks, Maxime ^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2021-05-04 8:28 UTC | newest] Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2021-04-19 5:44 [dpdk-dev] [PATCH] examples/vhost: fix potential overflow in args process Cheng Jiang 2021-04-26 8:24 ` [dpdk-dev] [dpdk-stable] " David Marchand 2021-04-27 3:17 ` Jiang, Cheng1 2021-04-27 3:14 ` [dpdk-dev] [PATCH v2] " Cheng Jiang 2021-05-03 14:01 ` Maxime Coquelin 2021-05-04 8:28 ` Maxime Coquelin
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).