[PATCH] raw/ifpga: avoid potential integer overflow

patches for DPDK stable branches
 help / color / mirror / Atom feed

* [PATCH] raw/ifpga: avoid potential integer overflow
@ 2022-06-23  3:11 Wei Huang
  2022-06-23  5:52 ` Zhang, Tianfei
  2022-06-23  6:35 ` Xu, Rosen
  0 siblings, 2 replies; 4+ messages in thread
From: Wei Huang @ 2022-06-23  3:11 UTC (permalink / raw)
  To: dev, thomas, nipun.gupta, hemant.agrawal
  Cc: stable, rosen.xu, tianfei.zhang, qi.z.zhang, Wei Huang

Expression "tx_chunks * ctx->dma_buf_size" in dma_fpga_to_fpga()
is evaluated using 32-bit arithmetic, which would overflow
 potentially. Change tx_chunks to type "uint64_t" to avoid such
issue.

Coverity issue: 379203
Fixes: 7d63899a5c19 ("raw/ifpga: add N3000 AFU driver")

Signed-off-by: Wei Huang <wei.huang@intel.com>
---
 drivers/raw/ifpga/afu_pmd_n3000.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/raw/ifpga/afu_pmd_n3000.c b/drivers/raw/ifpga/afu_pmd_n3000.c
index 8708164..5120df5 100644
--- a/drivers/raw/ifpga/afu_pmd_n3000.c
+++ b/drivers/raw/ifpga/afu_pmd_n3000.c
@@ -1158,7 +1158,7 @@ static int dma_fpga_to_fpga(struct dma_afu_ctx *ctx, uint64_t dst, uint64_t src,
 	uint64_t count_left = count;
 	uint64_t dma_chunks = 0;
 	uint64_t offset = 0;
-	uint32_t tx_chunks = 0;
+	uint64_t tx_chunks = 0;
 	uint64_t *tmp_buf = NULL;
 	int ret = 0;
 
@@ -1213,7 +1213,7 @@ static int dma_fpga_to_fpga(struct dma_afu_ctx *ctx, uint64_t dst, uint64_t src,
 		offset = tx_chunks * ctx->dma_buf_size;
 		count_left -= offset;
 		IFPGA_RAWDEV_PMD_DEBUG("0x%"PRIx64" --> 0x%"PRIx64
-			" (%u...0x%"PRIx64")",
+			" (%"PRIu64"...0x%"PRIx64")",
 			src, dst, tx_chunks, count_left);
 		tmp_buf = (uint64_t *)rte_malloc(NULL, ctx->dma_buf_size,
 			DMA_ALIGN_BYTES);
-- 
1.8.3.1


^ permalink raw reply	[flat|nested] 4+ messages in thread

* RE: [PATCH] raw/ifpga: avoid potential integer overflow
  2022-06-23  3:11 [PATCH] raw/ifpga: avoid potential integer overflow Wei Huang
@ 2022-06-23  5:52 ` Zhang, Tianfei
  2022-06-26 10:16   ` Thomas Monjalon
  2022-06-23  6:35 ` Xu, Rosen
  1 sibling, 1 reply; 4+ messages in thread
From: Zhang, Tianfei @ 2022-06-23  5:52 UTC (permalink / raw)
  To: Huang, Wei, dev, thomas, nipun.gupta, hemant.agrawal
  Cc: stable, Xu, Rosen, Zhang, Qi Z



> -----Original Message-----
> From: Huang, Wei <wei.huang@intel.com>
> Sent: Thursday, June 23, 2022 11:12 AM
> To: dev@dpdk.org; thomas@monjalon.net; nipun.gupta@nxp.com;
> hemant.agrawal@nxp.com
> Cc: stable@dpdk.org; Xu, Rosen <rosen.xu@intel.com>; Zhang, Tianfei
> <tianfei.zhang@intel.com>; Zhang, Qi Z <qi.z.zhang@intel.com>; Huang, Wei
> <wei.huang@intel.com>
> Subject: [PATCH] raw/ifpga: avoid potential integer overflow
> 
> Expression "tx_chunks * ctx->dma_buf_size" in dma_fpga_to_fpga() is evaluated
> using 32-bit arithmetic, which would overflow  potentially. Change tx_chunks to
> type "uint64_t" to avoid such issue.
> 
> Coverity issue: 379203
> Fixes: 7d63899a5c19 ("raw/ifpga: add N3000 AFU driver")
> 
> Signed-off-by: Wei Huang <wei.huang@intel.com>
> ---
>  drivers/raw/ifpga/afu_pmd_n3000.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/raw/ifpga/afu_pmd_n3000.c
> b/drivers/raw/ifpga/afu_pmd_n3000.c
> index 8708164..5120df5 100644
> --- a/drivers/raw/ifpga/afu_pmd_n3000.c
> +++ b/drivers/raw/ifpga/afu_pmd_n3000.c
> @@ -1158,7 +1158,7 @@ static int dma_fpga_to_fpga(struct dma_afu_ctx
> *ctx, uint64_t dst, uint64_t src,
>  	uint64_t count_left = count;
>  	uint64_t dma_chunks = 0;
>  	uint64_t offset = 0;
> -	uint32_t tx_chunks = 0;
> +	uint64_t tx_chunks = 0;
>  	uint64_t *tmp_buf = NULL;
>  	int ret = 0;
> 
> @@ -1213,7 +1213,7 @@ static int dma_fpga_to_fpga(struct dma_afu_ctx
> *ctx, uint64_t dst, uint64_t src,
>  		offset = tx_chunks * ctx->dma_buf_size;
>  		count_left -= offset;
>  		IFPGA_RAWDEV_PMD_DEBUG("0x%"PRIx64" --> 0x%"PRIx64
> -			" (%u...0x%"PRIx64")",
> +			" (%"PRIu64"...0x%"PRIx64")",
>  			src, dst, tx_chunks, count_left);
>  		tmp_buf = (uint64_t *)rte_malloc(NULL, ctx->dma_buf_size,
>  			DMA_ALIGN_BYTES);
> --
> 1.8.3.1

It looks good for me.

Acked-by: Tianfei Zhang <tianfei.zhang@intel.com>


^ permalink raw reply	[flat|nested] 4+ messages in thread

* RE: [PATCH] raw/ifpga: avoid potential integer overflow
  2022-06-23  3:11 [PATCH] raw/ifpga: avoid potential integer overflow Wei Huang
  2022-06-23  5:52 ` Zhang, Tianfei
@ 2022-06-23  6:35 ` Xu, Rosen
  1 sibling, 0 replies; 4+ messages in thread
From: Xu, Rosen @ 2022-06-23  6:35 UTC (permalink / raw)
  To: Huang, Wei, dev, thomas, nipun.gupta, hemant.agrawal
  Cc: stable, Zhang, Tianfei, Zhang, Qi Z

Hi,

> -----Original Message-----
> From: Huang, Wei <wei.huang@intel.com>
> Sent: Thursday, June 23, 2022 11:12
> To: dev@dpdk.org; thomas@monjalon.net; nipun.gupta@nxp.com;
> hemant.agrawal@nxp.com
> Cc: stable@dpdk.org; Xu, Rosen <rosen.xu@intel.com>; Zhang, Tianfei
> <tianfei.zhang@intel.com>; Zhang, Qi Z <qi.z.zhang@intel.com>; Huang, Wei
> <wei.huang@intel.com>
> Subject: [PATCH] raw/ifpga: avoid potential integer overflow
> 
> Expression "tx_chunks * ctx->dma_buf_size" in dma_fpga_to_fpga() is
> evaluated using 32-bit arithmetic, which would overflow  potentially. Change
> tx_chunks to type "uint64_t" to avoid such issue.
> 
> Coverity issue: 379203
> Fixes: 7d63899a5c19 ("raw/ifpga: add N3000 AFU driver")
> 
> Signed-off-by: Wei Huang <wei.huang@intel.com>
> ---
>  drivers/raw/ifpga/afu_pmd_n3000.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/raw/ifpga/afu_pmd_n3000.c
> b/drivers/raw/ifpga/afu_pmd_n3000.c
> index 8708164..5120df5 100644
> --- a/drivers/raw/ifpga/afu_pmd_n3000.c
> +++ b/drivers/raw/ifpga/afu_pmd_n3000.c
> @@ -1158,7 +1158,7 @@ static int dma_fpga_to_fpga(struct dma_afu_ctx
> *ctx, uint64_t dst, uint64_t src,
>  	uint64_t count_left = count;
>  	uint64_t dma_chunks = 0;
>  	uint64_t offset = 0;
> -	uint32_t tx_chunks = 0;
> +	uint64_t tx_chunks = 0;
>  	uint64_t *tmp_buf = NULL;
>  	int ret = 0;
> 
> @@ -1213,7 +1213,7 @@ static int dma_fpga_to_fpga(struct dma_afu_ctx
> *ctx, uint64_t dst, uint64_t src,
>  		offset = tx_chunks * ctx->dma_buf_size;
>  		count_left -= offset;
>  		IFPGA_RAWDEV_PMD_DEBUG("0x%"PRIx64" -->
> 0x%"PRIx64
> -			" (%u...0x%"PRIx64")",
> +			" (%"PRIu64"...0x%"PRIx64")",
>  			src, dst, tx_chunks, count_left);
>  		tmp_buf = (uint64_t *)rte_malloc(NULL, ctx->dma_buf_size,
>  			DMA_ALIGN_BYTES);
> --
> 1.8.3.1

Acked-by: Rosen Xu <rosen.xu@intel.com>

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] raw/ifpga: avoid potential integer overflow
  2022-06-23  5:52 ` Zhang, Tianfei
@ 2022-06-26 10:16   ` Thomas Monjalon
  0 siblings, 0 replies; 4+ messages in thread
From: Thomas Monjalon @ 2022-06-26 10:16 UTC (permalink / raw)
  To: Huang, Wei
  Cc: dev, nipun.gupta, hemant.agrawal, stable, stable, Xu, Rosen,
	Zhang, Qi Z, Zhang, Tianfei

> > Expression "tx_chunks * ctx->dma_buf_size" in dma_fpga_to_fpga() is evaluated
> > using 32-bit arithmetic, which would overflow  potentially. Change tx_chunks to
> > type "uint64_t" to avoid such issue.
> > 
> > Coverity issue: 379203
> > Fixes: 7d63899a5c19 ("raw/ifpga: add N3000 AFU driver")
> > 
> > Signed-off-by: Wei Huang <wei.huang@intel.com>
> 
> It looks good for me.
> 
> Acked-by: Tianfei Zhang <tianfei.zhang@intel.com>

Applied, thanks.




^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2022-06-26 10:16 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-06-23  3:11 [PATCH] raw/ifpga: avoid potential integer overflow Wei Huang
2022-06-23  5:52 ` Zhang, Tianfei
2022-06-26 10:16   ` Thomas Monjalon
2022-06-23  6:35 ` Xu, Rosen

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).