From: 0-day Robot <robot@bytheb.org>
To: test-report@dpdk.org, Stephen Hemminger <stephen@networkplumber.org>
Subject: |SUCCESS| pw159217 [PATCH v5 06/17] telemetry: avoid possible string overflow
Date: Tue, 16 Dec 2025 11:12:10 -0500 [thread overview]
Message-ID: <20251216161210.762509-1-robot@bytheb.org> (raw)
In-Reply-To: <20251207191242.165619-7-stephen@networkplumber.org>
Test-Label: 0day Robot - Claude SONNET
Test-Status: SUCCESS
http://dpdk.org/patch/159217
_AI Review Comments Available_
Git SHA: efb48c9ed5
Author: Stephen Hemminger <stephen@networkplumber.org>
Subject: telemetry: avoid possible string overflow
This commit improves string handling in the legacy telemetry client
registration by avoiding temporary buffers and adding length checks for
unix domain socket paths.
> diff --git a/lib/telemetry/telemetry_legacy.c b/lib/telemetry/telemetry_legacy.c
> index 89ec750c09..24f663eee7 100644
> --- a/lib/telemetry/telemetry_legacy.c
> +++ b/lib/telemetry/telemetry_legacy.c
> @@ -82,34 +82,41 @@ static int
> register_client(const char *cmd __rte_unused, const char *params,
> char *buffer __rte_unused, int buf_len __rte_unused)
> {
> + const char *colon = strchr(params, ':');
> +
> + if (colon == NULL) {
> + fprintf(stderr, "Invalid client data: missing colon\n");
> + return -1;
> + }
> +
> #ifndef RTE_EXEC_ENV_WINDOWS
> pthread_t th;
> - char data[BUF_SIZE];
> - int fd;
> - int rc;
> - struct sockaddr_un addrs;
> -#endif /* !RTE_EXEC_ENV_WINDOWS */
> + int fd, rc;
> + struct sockaddr_un addrs = { .sun_family = AF_UNIX };
>
> - if (!strchr(params, ':')) {
> - fprintf(stderr, "Invalid data\n");
> + if (colon[1] != '"') {
> + fprintf(stderr, "Invalid client data: missing quote\n");
> return -1;
> }
> -#ifndef RTE_EXEC_ENV_WINDOWS
> - strlcpy(data, strchr(params, ':'), sizeof(data));
> - memmove(data, &data[strlen(":\"")], strlen(data));
> - if (!strchr(data, '\"')) {
> - fprintf(stderr, "Invalid client data\n");
> +
> + const char *endquote = strchr(colon + 1, '"');
> + if (endquote == NULL) {
> + fprintf(stderr, "Invalid client data: missing end quote\n");
> + return -1;
> + }
> +
> + size_t len = endquote - colon + 1;
> + if (len == 0 || len >= sizeof(addrs.sun_path)) {
> + fprintf(stderr, "Invalid client data: path length\n");
> return -1;
> }
> - *strchr(data, '\"') = 0;
> + strncpy(addrs.sun_path, colon + 1, len);
Does this calculation for len include the opening quote in the path? The
calculation appears to be endquote - colon + 1, which would include the
quote character in the length, and then strncpy copies starting from
colon + 1 which still includes the quote character.
Would the string copy operation include the quote character in the socket
path string when it should be stripped out?
> +#endif /* !RTE_EXEC_ENV_WINDOWS */
>
> fd = socket(AF_UNIX, SOCK_SEQPACKET, 0);
> if (fd < 0) {
> perror("Failed to open socket");
> return -1;
> }
> - addrs.sun_family = AF_UNIX;
> - strlcpy(addrs.sun_path, data, sizeof(addrs.sun_path));
>
> if (connect(fd, (struct sockaddr *)&addrs, sizeof(addrs)) == -1) {
> perror("\nClient connection error\n");
next prev parent reply other threads:[~2025-12-16 16:12 UTC|newest]
Thread overview: 65+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20251205022948.327743-1-stephen@networkplumber.org>
[not found] ` <20251207191242.165619-1-stephen@networkplumber.org>
[not found] ` <20251207191242.165619-18-stephen@networkplumber.org>
2025-12-07 18:47 ` |SUCCESS| pw159212-159228 [PATCH v5 17/17] lib: enable format overflow warnings qemudev
2025-12-07 18:54 ` |FAILURE| " qemudev
2025-12-07 19:19 ` |SUCCESS| pw159228 " checkpatch
2025-12-07 20:59 ` |FAILURE| " 0-day Robot
2025-12-08 10:39 ` |FAILURE| pw159212-159228 [PATCH] [v5,17/17] lib: enable format over dpdklab
2025-12-08 10:43 ` dpdklab
2025-12-08 10:44 ` |WARNING| " dpdklab
2025-12-08 10:45 ` |PENDING| " dpdklab
2025-12-08 10:45 ` |SUCCESS| " dpdklab
2025-12-08 10:45 ` |FAILURE| " dpdklab
2025-12-08 10:47 ` dpdklab
2025-12-08 10:47 ` |SUCCESS| " dpdklab
2025-12-08 10:48 ` |FAILURE| " dpdklab
2025-12-08 10:51 ` |WARNING| " dpdklab
2025-12-08 11:02 ` |SUCCESS| " dpdklab
2025-12-08 11:02 ` |FAILURE| " dpdklab
2025-12-08 11:03 ` |SUCCESS| " dpdklab
2025-12-08 11:12 ` dpdklab
2025-12-08 11:12 ` |FAILURE| " dpdklab
2025-12-08 11:15 ` dpdklab
2025-12-08 11:22 ` |WARNING| " dpdklab
2025-12-08 11:24 ` |FAILURE| " dpdklab
2025-12-08 14:29 ` dpdklab
2025-12-08 16:06 ` dpdklab
2025-12-10 4:01 ` dpdklab
2025-12-10 4:17 ` dpdklab
2025-12-16 1:28 ` dpdklab
2025-12-16 16:12 ` |SUCCESS| pw159228 [PATCH v5 17/17] lib: enable format overflow warnings 0-day Robot
2025-12-16 23:31 ` |SUCCESS| pw159212-159228 [PATCH] [v5,17/17] lib: enable format over dpdklab
2025-12-16 23:38 ` |WARNING| " dpdklab
2025-12-16 23:39 ` |SUCCESS| " dpdklab
2025-12-16 23:43 ` |FAILURE| " dpdklab
2025-12-16 23:49 ` |SUCCESS| " dpdklab
2025-12-16 23:59 ` |FAILURE| " dpdklab
2025-12-17 0:09 ` |WARNING| " dpdklab
[not found] ` <20251207191242.165619-14-stephen@networkplumber.org>
2025-12-07 19:14 ` |SUCCESS| pw159224 [PATCH v5 13/17] eal: check tailq length checkpatch
2025-12-16 16:12 ` 0-day Robot
[not found] ` <20251207191242.165619-12-stephen@networkplumber.org>
2025-12-07 19:16 ` |SUCCESS| pw159222 [PATCH v5 11/17] eal: limit maximum runtime directory and socket paths checkpatch
2025-12-16 16:12 ` 0-day Robot
[not found] ` <20251207191242.165619-10-stephen@networkplumber.org>
2025-12-07 19:16 ` |SUCCESS| pw159220 [PATCH v5 09/17] eal: avoid format overflow when handling addresses checkpatch
2025-12-16 16:12 ` 0-day Robot
[not found] ` <20251207191242.165619-8-stephen@networkplumber.org>
2025-12-07 19:17 ` |SUCCESS| pw159218 [PATCH v5 07/17] efd: handle possible name truncation checkpatch
2025-12-16 16:12 ` 0-day Robot
[not found] ` <20251207191242.165619-6-stephen@networkplumber.org>
2025-12-07 19:17 ` |SUCCESS| pw159216 [PATCH v5 05/17] latencystats: add check for string overflow checkpatch
2025-12-16 16:12 ` 0-day Robot
[not found] ` <20251207191242.165619-2-stephen@networkplumber.org>
2025-12-07 19:17 ` |SUCCESS| pw159212 [PATCH v5 01/17] eal: use C library to parse filesystem table checkpatch
2025-12-16 16:11 ` 0-day Robot
[not found] ` <20251207191242.165619-3-stephen@networkplumber.org>
2025-12-16 16:12 ` |SUCCESS| pw159213 [PATCH v5 02/17] lpm: restrict name size 0-day Robot
[not found] ` <20251207191242.165619-4-stephen@networkplumber.org>
2025-12-16 16:12 ` |SUCCESS| pw159214 [PATCH v5 03/17] hash: add checks for hash name length 0-day Robot
[not found] ` <20251207191242.165619-5-stephen@networkplumber.org>
2025-12-07 19:17 ` |SUCCESS| pw159215 [PATCH v5 04/17] graph: avoid overflowing comment buffer checkpatch
2025-12-16 16:12 ` 0-day Robot
[not found] ` <20251207191242.165619-7-stephen@networkplumber.org>
2025-12-07 19:17 ` |WARNING| pw159217 [PATCH v5 06/17] telemetry: avoid possible string overflow checkpatch
2025-12-16 16:12 ` 0-day Robot [this message]
[not found] ` <20251207191242.165619-9-stephen@networkplumber.org>
2025-12-07 19:16 ` |SUCCESS| pw159219 [PATCH v5 08/17] eal: warn if thread name is truncated checkpatch
2025-12-16 16:12 ` |SUCCESS| pw169219 " 0-day Robot
[not found] ` <20251207191242.165619-11-stephen@networkplumber.org>
2025-12-07 19:16 ` |SUCCESS| pw159221 [PATCH v5 10/17] eal: add check for sysfs path overflow checkpatch
2025-12-16 16:12 ` |SUCCESS| pw159221 " 0-day Robot
[not found] ` <20251207191242.165619-13-stephen@networkplumber.org>
2025-12-07 19:15 ` |SUCCESS| pw159223 [PATCH v5 12/17] eal: check for hugefile " checkpatch
2025-12-16 16:12 ` 0-day Robot
[not found] ` <20251207191242.165619-15-stephen@networkplumber.org>
2025-12-07 19:13 ` |SUCCESS| pw159225 [PATCH v5 14/17] eal: handle long shared library path checkpatch
2025-12-16 16:12 ` 0-day Robot
[not found] ` <20251207191242.165619-16-stephen@networkplumber.org>
2025-12-07 19:19 ` |SUCCESS| pw159226 [PATCH v5 15/17] ethdev: avoid possible overflow in xstat names checkpatch
2025-12-16 16:12 ` 0-day Robot
[not found] ` <20251207191242.165619-17-stephen@networkplumber.org>
2025-12-07 19:19 ` |SUCCESS| pw159227 [PATCH v5 16/17] vhost: check for overflow in xstat name checkpatch
2025-12-16 16:12 ` 0-day Robot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251216161210.762509-1-robot@bytheb.org \
--to=robot@bytheb.org \
--cc=stephen@networkplumber.org \
--cc=test-report@dpdk.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).