From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id E0826A00BE for ; Tue, 15 Mar 2022 14:32:52 +0100 (CET) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id DA6254014F; Tue, 15 Mar 2022 14:32:52 +0100 (CET) Received: from mail-ed1-f46.google.com (mail-ed1-f46.google.com [209.85.208.46]) by mails.dpdk.org (Postfix) with ESMTP id 66B8B4014F for ; Tue, 15 Mar 2022 14:32:51 +0100 (CET) Received: by mail-ed1-f46.google.com with SMTP id e22so1491645edc.13 for ; Tue, 15 Mar 2022 06:32:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=zAKGU/xqU2xjby7nOVUlWKDNBTT0dBGR6rIlXpiwJlw=; b=hME80wEy/2gUd+7JkBXBqSmiTKkzCUbm5ezQDg4Jyuh/cBF1B2elD6VAN48DP/qGAj ayj1B6icbfUK2yYHU/TR0qYbX4YPdK//EVWLGYM1E+hHYWlPknPC2dYJovZO20mnpaw+ AoqkVGRd5aTN4jTWtBv970NDn3j2OUayVEz3iL/XGTRUFxg2ZyW3vQU5bQ78SfSsCgxU WreOZmN4EpRjLrKPLBxGFEpHVIlmO6eb4Jot+yyL4nYrMj2S6z5veIT9MG4DxRbtdAsO G6fLrCv0EDM9YZoGMqATtiDCqQUFHe/sHgduvXKuL1upPkAQWW++xrR6iO62RvhDG3aa f4Ug== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=zAKGU/xqU2xjby7nOVUlWKDNBTT0dBGR6rIlXpiwJlw=; b=NGQZyN7M9mmeLVZFV05BwcHmRvA3rsNt48KZn5MQRTTUcY+y1ezCrFvjE3Ru6fJJ6S CdscIsIy4WAj+TeEyHqLKcurEF3+4kgQsW+zPBpe7HB535WIFh8RbHefTtnBrzF1gmjl 8l4BDCIg+8SioKRqVGWydz2lu+RxnKOWE7prUEiJK1i5J3OTrOWHpJHliVinExeH8tHS NOuw0UYBiKgZyIyzR3jPbj7SEDKj9obKK7cFxlQ21DkgLtpiaNbuxNStLyuGcCq9voqR TmeHUUHyIAgnav7ILAVtj15jCScXg/SALTlkpxgzCX5Z+NeBdPADSVQjlcIejoIslhD3 I6uw== X-Gm-Message-State: AOAM531Jf7lprz8poYmf4VFFt4thqKmaMbmHZ+dDglVK99+o/llETuQG Jn0aN6XwD8B3FyxLY3PBnc7ORrG05yc= X-Google-Smtp-Source: ABdhPJzliCmtjAuuOHDdnEdY3Dbr2XSgnZI0Uat/LAbCC4Z5TGEq2zpdYVMJYsQfaR+bqeAbH1B+2Q== X-Received: by 2002:a05:6402:358b:b0:416:c8de:ffef with SMTP id y11-20020a056402358b00b00416c8deffefmr21302168edc.45.1647351171091; Tue, 15 Mar 2022 06:32:51 -0700 (PDT) Received: from localhost ([2a01:4b00:f41a:3600:360b:9754:2e3a:c344]) by smtp.gmail.com with ESMTPSA id dd6-20020a1709069b8600b006df08710d00sm548824ejc.85.2022.03.15.06.32.50 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 15 Mar 2022 06:32:50 -0700 (PDT) From: luca.boccassi@gmail.com To: Rahul Bhansali Cc: Conor Walsh , Konstantin Ananyev , dpdk stable Subject: patch 'examples/l3fwd: fix buffer overflow in Tx' has been queued to stable release 20.11.5 Date: Tue, 15 Mar 2022 13:32:29 +0000 Message-Id: <20220315133233.635559-6-luca.boccassi@gmail.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220315133233.635559-1-luca.boccassi@gmail.com> References: <20220218123931.1749595-1-luca.boccassi@gmail.com> <20220315133233.635559-1-luca.boccassi@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: stable-bounces@dpdk.org Hi, FYI, your patch has been queued to stable release 20.11.5 Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet. It will be pushed if I get no objections before 03/17/22. So please shout if anyone has objections. Also note that after the patch there's a diff of the upstream commit vs the patch applied to the branch. This will indicate if there was any rebasing needed to apply to the stable branch. If there were code changes for rebasing (ie: not only metadata diffs), please double check that the rebase was correctly done. Queued patches are on a temporary branch at: https://github.com/bluca/dpdk-stable This queued commit can be viewed at: https://github.com/bluca/dpdk-stable/commit/dd8a8529443a7ade2ddb3b2d365d6f73eba87451 Thanks. Luca Boccassi --- >From dd8a8529443a7ade2ddb3b2d365d6f73eba87451 Mon Sep 17 00:00:00 2001 From: Rahul Bhansali Date: Tue, 11 Jan 2022 18:20:05 +0530 Subject: [PATCH] examples/l3fwd: fix buffer overflow in Tx [ upstream commit 0490d69d58d9d75c37e780966c837a062658f528 ] This patch fixes the stack buffer overflow error reported from AddressSanitizer. Function send_packetsx4() tries to access out of bound data from rte_mbuf and fill it into TX buffer even in the case where no pending packets (len = 0). Performance impact:- No ASAN error report:- ==819==ERROR: AddressSanitizer: stack-buffer-overflow on address 0xffffe2c0dcf0 at pc 0x0000005e791c bp 0xffffe2c0d7e0 sp 0xffffe2c0d800 READ of size 8 at 0xffffe2c0dcf0 thread T0 #0 0x5e7918 in send_packetsx4 ../examples/l3fwd/l3fwd_common.h:251 #1 0x5e7918 in send_packets_multi ../examples/l3fwd/l3fwd_neon.h:226 Fixes: 96ff445371e0 ("examples/l3fwd: reorganise and optimize LPM code path") Signed-off-by: Rahul Bhansali Reviewed-by: Conor Walsh Acked-by: Konstantin Ananyev --- examples/l3fwd/l3fwd_common.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/examples/l3fwd/l3fwd_common.h b/examples/l3fwd/l3fwd_common.h index cbaab79f5b..8e4c27218f 100644 --- a/examples/l3fwd/l3fwd_common.h +++ b/examples/l3fwd/l3fwd_common.h @@ -236,6 +236,9 @@ send_packetsx4(struct lcore_conf *qconf, uint16_t port, struct rte_mbuf *m[], /* copy rest of the packets into the TX buffer. */ len = num - n; + if (len == 0) + goto exit; + j = 0; switch (len % FWDSTEP) { while (j < len) { @@ -258,6 +261,7 @@ send_packetsx4(struct lcore_conf *qconf, uint16_t port, struct rte_mbuf *m[], } } +exit: qconf->tx_mbufs[port].len = len; } -- 2.34.1 --- Diff of the applied patch vs upstream commit (please double-check if non-empty: --- --- - 2022-03-15 12:13:39.317400562 +0000 +++ 0006-examples-l3fwd-fix-buffer-overflow-in-Tx.patch 2022-03-15 12:13:39.072181080 +0000 @@ -1 +1 @@ -From 0490d69d58d9d75c37e780966c837a062658f528 Mon Sep 17 00:00:00 2001 +From dd8a8529443a7ade2ddb3b2d365d6f73eba87451 Mon Sep 17 00:00:00 2001 @@ -5,0 +6,2 @@ +[ upstream commit 0490d69d58d9d75c37e780966c837a062658f528 ] + @@ -21 +22,0 @@ -Cc: stable@dpdk.org