From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <stable-bounces@dpdk.org>
Received: from dpdk.org (dpdk.org [92.243.14.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 9250DA04B1
	for <public@inbox.dpdk.org>; Wed, 23 Sep 2020 10:06:43 +0200 (CEST)
Received: from [92.243.14.124] (localhost [127.0.0.1])
	by dpdk.org (Postfix) with ESMTP id 5CD471DAA7;
	Wed, 23 Sep 2020 10:06:43 +0200 (CEST)
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [216.205.24.124])
 by dpdk.org (Postfix) with ESMTP id 587591C23B
 for <stable@dpdk.org>; Wed, 23 Sep 2020 10:06:39 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1600848398;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
 in-reply-to:in-reply-to:references:references;
 bh=I+NI2Rk9ypeUB1q9tZ10V2tZCbWDjQ7s4zoV49PvP/M=;
 b=WVSSASh8kYPc1ukov6J3RDtfsXor1h7PUsM5pe8G+GQEBsclADnUET9qTqq1aB3c8mpCmr
 WY+WXZKrkkQtFStqPeE1MsAv453Mg8g2dvE/0ronOVNhaZytZ1bs8vHXaW2e4mmkeMcOfd
 qWEtQ4xwXoQnjO+uHqtTIoDUhKrNVAQ=
Received: from mail-vs1-f71.google.com (mail-vs1-f71.google.com
 [209.85.217.71]) (Using TLS) by relay.mimecast.com with ESMTP id
 us-mta-475-uGjzNMWzNYqW28B3iM2h2Q-1; Wed, 23 Sep 2020 04:06:36 -0400
X-MC-Unique: uGjzNMWzNYqW28B3iM2h2Q-1
Received: by mail-vs1-f71.google.com with SMTP id d21so5732685vsf.16
 for <stable@dpdk.org>; Wed, 23 Sep 2020 01:06:36 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:references:in-reply-to:from:date
 :message-id:subject:to:cc;
 bh=I+NI2Rk9ypeUB1q9tZ10V2tZCbWDjQ7s4zoV49PvP/M=;
 b=WeTExalaAPK8Jo786gJqSNVfP0m5mGHDtioq6Cu6/7dc+fC7pxjUM+px0OiUd+ilM8
 zFMFWt/T81Qz7neac41MyHcSlU7mlbAanl32D+osuaf0hC6Mhi8RLvnSk+dw2RNr7ZLD
 5U0mbBlivkexqKY3fUGWuaadnvoOhBPJXIEAwjJpb+Uamnv09XZ7z5IdDFk9xMV9hRfc
 E5mp12O3mSjf4ECn4nutr0rzRNDu6FhRcMacFcbqQQsnfN1dRd+bfoj/gTeV3Yb4iujg
 /tYjdFPk+CzeUc2kTAkwgmxFsWwgpMzREKq/LEFYwfsRpideFz9G5iFzXod2sDDR+NWB
 tokA==
X-Gm-Message-State: AOAM532CldwJbv5AMUNybXDfdd5k1jn1kzmojHRYjXK3qX4nrK3QdTZy
 MRCG3rU9028hhk46YCaIM/fhJDoXs6gtobRvCvWw7rGaotwmKGE+mblBn15LhISVw7UYJC7lY2x
 RuyvdZu+yo1whKK1ExBEDmcY=
X-Received: by 2002:a05:6102:10c2:: with SMTP id
 t2mr6092641vsr.10.1600848396335; 
 Wed, 23 Sep 2020 01:06:36 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJyDdvA506HEGA26xUPfC6ggK1KR+rkVgewLY1jl76jSmNq3AJEcidnnc/aCx3tZFDxWcNtA5hzslKhmiiGx9FU=
X-Received: by 2002:a05:6102:10c2:: with SMTP id
 t2mr6092633vsr.10.1600848396105; 
 Wed, 23 Sep 2020 01:06:36 -0700 (PDT)
MIME-Version: 1.0
References: <20200922172015.266698-1-kevin.laatz@intel.com>
In-Reply-To: <20200922172015.266698-1-kevin.laatz@intel.com>
From: David Marchand <david.marchand@redhat.com>
Date: Wed, 23 Sep 2020 10:06:25 +0200
Message-ID: <CAJFAV8z-XF2dr0ZAUL6AFsGzGzz5kxpHvRBVxrxZsgZm1PHU7Q@mail.gmail.com>
To: Kevin Laatz <kevin.laatz@intel.com>
Cc: dev <dev@dpdk.org>, "Yigit, Ferruh" <ferruh.yigit@intel.com>, 
 Bruce Richardson <bruce.richardson@intel.com>, dpdk stable <stable@dpdk.org>
Authentication-Results: relay.mimecast.com;
 auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=dmarchan@redhat.com
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Type: text/plain; charset="UTF-8"
Subject: Re: [dpdk-stable] [dpdk-dev] [PATCH] net/ring: fix unchecked return
	value
X-BeenThere: stable@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: patches for DPDK stable branches <stable.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/stable>,
 <mailto:stable-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/stable/>
List-Post: <mailto:stable@dpdk.org>
List-Help: <mailto:stable-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/stable>,
 <mailto:stable-request@dpdk.org?subject=subscribe>
Errors-To: stable-bounces@dpdk.org
Sender: "stable" <stable-bounces@dpdk.org>

On Tue, Sep 22, 2020 at 7:25 PM Kevin Laatz <kevin.laatz@intel.com> wrote:
>
> Add a check for the return value of the sscanf call in
> parse_internal_args(), returning an error if we don't get the expected
> result.
>
> Coverity issue: 362049
> Fixes: 96cb19521147 ("net/ring: use EAL APIs in PMD specific API")
> Cc: stable@dpdk.org
>
> Signed-off-by: Kevin Laatz <kevin.laatz@intel.com>
> ---
>  drivers/net/ring/rte_eth_ring.c | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/net/ring/rte_eth_ring.c b/drivers/net/ring/rte_eth_ring.c
> index 40fe1ca4ba..62060e46ce 100644
> --- a/drivers/net/ring/rte_eth_ring.c
> +++ b/drivers/net/ring/rte_eth_ring.c
> @@ -539,7 +539,8 @@ parse_internal_args(const char *key __rte_unused, const char *value,
>         struct ring_internal_args **internal_args = data;
>         void *args;
>
> -       sscanf(value, "%p", &args);
> +       if (sscanf(value, "%p", &args) != 1)
> +               return -1;

Not sure this really needs fixing, as I understood the internal option
is something only the driver uses.

On the patch itself, sscanf stops at the first character it deems
incorrect, meaning that you would not detect trailing chars, like for
0x1234Z.
You can detect this by adding a canary.

$ cat sscanf.c
#include <stdio.h>

int main(int argc, char *argv[])
{
    void *args;
    char c;

    if (sscanf(argv[1], "%p", &args) != 1)
        printf("'%%p' KO for %s\n", argv[1]);
    else
        printf("'%%p' ok for %s\n", argv[1]);

    if (sscanf(argv[1], "%p%c", &args, &c) != 1)
        printf("'%%p%%c' KO for %s\n", argv[1]);
    else
        printf("'%%p%%c' ok for %s\n", argv[1]);
    return 0;
}

$ gcc -o sscanf -Wall -Werror sscanf.c

$ ./sscanf 0x1234
'%p' ok for 0x1234
'%p%c' ok for 0x1234

$ ./sscanf 0x1234Z
'%p' ok for 0x1234Z
'%p%c' KO for 0x1234Z


-- 
David Marchand