From: 0-day Robot <robot@bytheb.org>
To: test-report@dpdk.org, Stephen Hemminger <stephen@networkplumber.org>
Subject: |SUCCESS| pw159222 [PATCH v5 11/17] eal: limit maximum runtime directory and socket paths
Date: Tue, 16 Dec 2025 11:12:21 -0500 [thread overview]
Message-ID: <20251216161221.762576-1-robot@bytheb.org> (raw)
In-Reply-To: <20251207191242.165619-12-stephen@networkplumber.org>
Test-Label: 0day Robot - Claude SONNET
Test-Status: SUCCESS
http://dpdk.org/patch/159222
_AI Review Comments Available_
git sha: Not provided in patch
Author: Stephen Hemminger <stephen@networkplumber.org>
Subject: eal: limit maximum runtime directory and socket paths
This commit changes the buffer sizes from PATH_MAX to UNIX_PATH_MAX to
prevent unix domain socket path truncation issues, and adds proper bounds
checking in path construction functions.
> diff --git a/lib/eal/common/eal_common_config.c b/lib/eal/common/eal_common_config.c
> index 7fc7611a07..e2e69a75fb 100644
> --- a/lib/eal/common/eal_common_config.c
> +++ b/lib/eal/common/eal_common_config.c
> @@ -6,6 +6,7 @@
>
> #include <eal_export.h>
> #include "eal_private.h"
> +#include "eal_filesystem.h"
> #include "eal_memcfg.h"
>
> /* early configuration structure, when memory config is not mmapped */
> @@ -24,7 +25,7 @@ static struct rte_config rte_config = {
> };
>
> /* platform-specific runtime dir */
> -static char runtime_dir[PATH_MAX];
> +static char runtime_dir[UNIX_PATH_MAX];
>
> /* internal configuration */
> static struct internal_config internal_config;
> @@ -39,7 +40,8 @@ rte_eal_get_runtime_dir(void)
> int
> eal_set_runtime_dir(const char *run_dir)
> {
> - if (strlcpy(runtime_dir, run_dir, PATH_MAX) >= PATH_MAX) {
> + /* runtime directory limited by maximum allowable unix domain socket */
> + if (strlcpy(runtime_dir, run_dir, UNIX_PATH_MAX) >= UNIX_PATH_MAX) {
> EAL_LOG(ERR, "Runtime directory string too long");
> return -1;
> }
[ ... ]
> diff --git a/lib/eal/common/eal_common_proc.c b/lib/eal/common/eal_common_proc.c
> index 62fd4ba88f..dbf749c5b8 100644
> --- a/lib/eal/common/eal_common_proc.c
> +++ b/lib/eal/common/eal_common_proc.c
> @@ -36,10 +36,10 @@
>
> static RTE_ATOMIC(int) mp_fd = -1;
> static rte_thread_t mp_handle_tid;
> -static char mp_filter[PATH_MAX]; /* Filter for secondary process sockets */
> -static char mp_dir_path[PATH_MAX]; /* The directory path for all mp sockets */
> +static char mp_filter[UNIX_PATH_MAX]; /* Filter for secondary process sockets */
> +static char mp_dir_path[UNIX_PATH_MAX]; /* The directory path for all mp sockets */
> static pthread_mutex_t mp_mutex_action = PTHREAD_MUTEX_INITIALIZER;
> -static char peer_name[PATH_MAX];
> +static char peer_name[UNIX_PATH_MAX];
[ ... ]
> -static void
> -create_socket_path(const char *name, char *buf, int len)
> +static int
> +create_socket_path(const char *name, char *buf, size_t len)
> {
> const char *prefix = eal_mp_socket_path();
>
> - if (strlen(name) > 0)
> - snprintf(buf, len, "%s_%s", prefix, name);
> - else
> - strlcpy(buf, prefix, len);
> + if (strlen(name) > 0) {
> + if (snprintf(buf, len, "%s_%s", prefix, name) >= (int)len)
> + return -1;
> + } else {
> + if (strlcpy(buf, prefix, len) >= len)
> + return -1;
> + }
> + return 0;
> }
Does the create_socket_path function properly validate that prefix is not
NULL before using it? The eal_mp_socket_path function returns a static
buffer, but there's no null check here.
[ ... ]
> @@ -572,6 +576,11 @@ open_socket_fd(void)
> snprintf(peer_name, sizeof(peer_name),
> "%d_%"PRIx64, getpid(), rte_rdtsc());
>
> + if (create_socket_path(peer_name, un.sun_path, sizeof(un.sun_path)) < 0) {
> + EAL_LOG(ERR, "peer '%s' socket path too long", peer_name);
> + return -1;
> + }
> +
> mp_fd = socket(AF_UNIX, SOCK_DGRAM, 0);
> if (mp_fd < 0) {
> EAL_LOG(ERR, "failed to create unix socket");
Could this code leak the mp_fd if create_socket_path fails after the socket
is created? The error path returns -1 without calling close on mp_fd.
> @@ -581,8 +590,6 @@ open_socket_fd(void)
> memset(&un, 0, sizeof(un));
> un.sun_family = AF_UNIX;
>
> - create_socket_path(peer_name, un.sun_path, sizeof(un.sun_path));
> -
> unlink(un.sun_path); /* May still exist since last run */
[ ... ]
> @@ -599,17 +606,20 @@ open_socket_fd(void)
> static void
> close_socket_fd(int fd)
> {
> - char path[PATH_MAX];
> + char path[UNIX_PATH_MAX];
>
> close(fd);
> - create_socket_path(peer_name, path, sizeof(path));
> - unlink(path);
> +
> + if (create_socket_path(peer_name, path, sizeof(path)) < 0)
> + EAL_LOG(ERR, "file prefix path for peerr '%s' too long", peer_name);
> + else
> + unlink(path);
> }
There's a typo in the error message: "peerr" should be "peer".
[ ... ]
> diff --git a/lib/eal/common/eal_filesystem.h b/lib/eal/common/eal_filesystem.h
> index 5d21f07c20..2de88d7cc2 100644
> --- a/lib/eal/common/eal_filesystem.h
> +++ b/lib/eal/common/eal_filesystem.h
> @@ -45,10 +45,21 @@ eal_runtime_config_path(void)
>
> /** Path of primary/secondary communication unix socket file. */
> #define MP_SOCKET_FNAME "mp_socket"
> +
> +#ifdef RTE_EXEC_ENV_WINDOWS
> +#include <winsock2.h>
> +#include <afunix.h>
> +#else
> +#include <sys/un.h>
> +
> +/** Maximum length of unix domain socket path. */
> +#define UNIX_PATH_MAX (sizeof(((struct sockaddr_un *)0)->sun_path))
> +#endif
> +
> static inline const char *
> eal_mp_socket_path(void)
> {
> - static char buffer[PATH_MAX]; /* static so auto-zeroed */
> + static char buffer[UNIX_PATH_MAX]; /* static so auto-zeroed */
>
> snprintf(buffer, sizeof(buffer), "%s/%s", rte_eal_get_runtime_dir(),
> MP_SOCKET_FNAME);
What happens on Windows systems where UNIX_PATH_MAX isn't defined? The
code includes Windows headers but doesn't define UNIX_PATH_MAX for that
platform.
next prev parent reply other threads:[~2025-12-16 16:12 UTC|newest]
Thread overview: 65+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20251205022948.327743-1-stephen@networkplumber.org>
[not found] ` <20251207191242.165619-1-stephen@networkplumber.org>
[not found] ` <20251207191242.165619-13-stephen@networkplumber.org>
2025-12-07 19:15 ` |SUCCESS| pw159223 [PATCH v5 12/17] eal: check for hugefile path overflow checkpatch
2025-12-16 16:12 ` 0-day Robot
[not found] ` <20251207191242.165619-10-stephen@networkplumber.org>
2025-12-07 19:16 ` |SUCCESS| pw159220 [PATCH v5 09/17] eal: avoid format overflow when handling addresses checkpatch
2025-12-16 16:12 ` 0-day Robot
[not found] ` <20251207191242.165619-9-stephen@networkplumber.org>
2025-12-07 19:16 ` |SUCCESS| pw159219 [PATCH v5 08/17] eal: warn if thread name is truncated checkpatch
2025-12-16 16:12 ` |SUCCESS| pw169219 " 0-day Robot
[not found] ` <20251207191242.165619-7-stephen@networkplumber.org>
2025-12-07 19:17 ` |WARNING| pw159217 [PATCH v5 06/17] telemetry: avoid possible string overflow checkpatch
2025-12-16 16:12 ` |SUCCESS| " 0-day Robot
[not found] ` <20251207191242.165619-6-stephen@networkplumber.org>
2025-12-07 19:17 ` |SUCCESS| pw159216 [PATCH v5 05/17] latencystats: add check for " checkpatch
2025-12-16 16:12 ` 0-day Robot
[not found] ` <20251207191242.165619-5-stephen@networkplumber.org>
2025-12-07 19:17 ` |SUCCESS| pw159215 [PATCH v5 04/17] graph: avoid overflowing comment buffer checkpatch
2025-12-16 16:12 ` 0-day Robot
[not found] ` <20251207191242.165619-2-stephen@networkplumber.org>
2025-12-07 19:17 ` |SUCCESS| pw159212 [PATCH v5 01/17] eal: use C library to parse filesystem table checkpatch
2025-12-16 16:11 ` 0-day Robot
[not found] ` <20251207191242.165619-18-stephen@networkplumber.org>
2025-12-07 18:47 ` |SUCCESS| pw159212-159228 [PATCH v5 17/17] lib: enable format overflow warnings qemudev
2025-12-07 18:54 ` |FAILURE| " qemudev
2025-12-07 19:19 ` |SUCCESS| pw159228 " checkpatch
2025-12-07 20:59 ` |FAILURE| " 0-day Robot
2025-12-08 10:39 ` |FAILURE| pw159212-159228 [PATCH] [v5,17/17] lib: enable format over dpdklab
2025-12-08 10:43 ` dpdklab
2025-12-08 10:44 ` |WARNING| " dpdklab
2025-12-08 10:45 ` |PENDING| " dpdklab
2025-12-08 10:45 ` |SUCCESS| " dpdklab
2025-12-08 10:45 ` |FAILURE| " dpdklab
2025-12-08 10:47 ` dpdklab
2025-12-08 10:47 ` |SUCCESS| " dpdklab
2025-12-08 10:48 ` |FAILURE| " dpdklab
2025-12-08 10:51 ` |WARNING| " dpdklab
2025-12-08 11:02 ` |SUCCESS| " dpdklab
2025-12-08 11:02 ` |FAILURE| " dpdklab
2025-12-08 11:03 ` |SUCCESS| " dpdklab
2025-12-08 11:12 ` dpdklab
2025-12-08 11:12 ` |FAILURE| " dpdklab
2025-12-08 11:15 ` dpdklab
2025-12-08 11:22 ` |WARNING| " dpdklab
2025-12-08 11:24 ` |FAILURE| " dpdklab
2025-12-08 14:29 ` dpdklab
2025-12-08 16:06 ` dpdklab
2025-12-10 4:01 ` dpdklab
2025-12-10 4:17 ` dpdklab
2025-12-16 1:28 ` dpdklab
2025-12-16 16:12 ` |SUCCESS| pw159228 [PATCH v5 17/17] lib: enable format overflow warnings 0-day Robot
2025-12-16 23:31 ` |SUCCESS| pw159212-159228 [PATCH] [v5,17/17] lib: enable format over dpdklab
2025-12-16 23:38 ` |WARNING| " dpdklab
2025-12-16 23:39 ` |SUCCESS| " dpdklab
2025-12-16 23:43 ` |FAILURE| " dpdklab
2025-12-16 23:49 ` |SUCCESS| " dpdklab
2025-12-16 23:59 ` |FAILURE| " dpdklab
2025-12-17 0:09 ` |WARNING| " dpdklab
[not found] ` <20251207191242.165619-3-stephen@networkplumber.org>
2025-12-16 16:12 ` |SUCCESS| pw159213 [PATCH v5 02/17] lpm: restrict name size 0-day Robot
[not found] ` <20251207191242.165619-4-stephen@networkplumber.org>
2025-12-16 16:12 ` |SUCCESS| pw159214 [PATCH v5 03/17] hash: add checks for hash name length 0-day Robot
[not found] ` <20251207191242.165619-8-stephen@networkplumber.org>
2025-12-07 19:17 ` |SUCCESS| pw159218 [PATCH v5 07/17] efd: handle possible name truncation checkpatch
2025-12-16 16:12 ` 0-day Robot
[not found] ` <20251207191242.165619-11-stephen@networkplumber.org>
2025-12-07 19:16 ` |SUCCESS| pw159221 [PATCH v5 10/17] eal: add check for sysfs path overflow checkpatch
2025-12-16 16:12 ` |SUCCESS| pw159221 " 0-day Robot
[not found] ` <20251207191242.165619-12-stephen@networkplumber.org>
2025-12-07 19:16 ` |SUCCESS| pw159222 [PATCH v5 11/17] eal: limit maximum runtime directory and socket paths checkpatch
2025-12-16 16:12 ` 0-day Robot [this message]
[not found] ` <20251207191242.165619-14-stephen@networkplumber.org>
2025-12-07 19:14 ` |SUCCESS| pw159224 [PATCH v5 13/17] eal: check tailq length checkpatch
2025-12-16 16:12 ` 0-day Robot
[not found] ` <20251207191242.165619-15-stephen@networkplumber.org>
2025-12-07 19:13 ` |SUCCESS| pw159225 [PATCH v5 14/17] eal: handle long shared library path checkpatch
2025-12-16 16:12 ` 0-day Robot
[not found] ` <20251207191242.165619-16-stephen@networkplumber.org>
2025-12-07 19:19 ` |SUCCESS| pw159226 [PATCH v5 15/17] ethdev: avoid possible overflow in xstat names checkpatch
2025-12-16 16:12 ` 0-day Robot
[not found] ` <20251207191242.165619-17-stephen@networkplumber.org>
2025-12-07 19:19 ` |SUCCESS| pw159227 [PATCH v5 16/17] vhost: check for overflow in xstat name checkpatch
2025-12-16 16:12 ` 0-day Robot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251216161221.762576-1-robot@bytheb.org \
--to=robot@bytheb.org \
--cc=stephen@networkplumber.org \
--cc=test-report@dpdk.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).