From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 768D543329; Tue, 14 Nov 2023 12:11:12 +0100 (CET) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 1243A40DCA; Tue, 14 Nov 2023 12:10:12 +0100 (CET) Received: from szxga02-in.huawei.com (szxga02-in.huawei.com [45.249.212.188]) by mails.dpdk.org (Postfix) with ESMTP id E1EE8402F1 for ; Tue, 14 Nov 2023 12:09:59 +0100 (CET) Received: from kwepemd100004.china.huawei.com (unknown [172.30.72.54]) by szxga02-in.huawei.com (SkyGuard) with ESMTP id 4SV3Tr6rW6zWhG5; Tue, 14 Nov 2023 19:09:36 +0800 (CST) Received: from localhost.localdomain (10.67.165.2) by kwepemd100004.china.huawei.com (7.221.188.31) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.2.1258.23; Tue, 14 Nov 2023 19:09:58 +0800 From: Jie Hai To: , Akhil Goyal , Gowrishankar Muthukrishnan CC: , , Subject: [PATCH v3 13/22] security: replace strtok with reentrant version Date: Tue, 14 Nov 2023 18:59:57 +0800 Message-ID: <20231114110006.91148-14-haijie1@huawei.com> X-Mailer: git-send-email 2.30.0 In-Reply-To: <20231114110006.91148-1-haijie1@huawei.com> References: <20231113104550.2138654-1-haijie1@huawei.com> <20231114110006.91148-1-haijie1@huawei.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Originating-IP: [10.67.165.2] X-ClientProxiedBy: dggems705-chm.china.huawei.com (10.3.19.182) To kwepemd100004.china.huawei.com (7.221.188.31) X-CFilter-Loop: Reflected X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Multiple threads calling the same function may cause condition race issues, which often leads to abnormal behavior and can cause more serious vulnerabilities such as abnormal termination, denial of service, and compromised data integrity. The strtok() is non-reentrant, it is better to replace it with a reentrant version. Fixes: 259ca6d1617f ("security: add telemetry endpoint for capabilities") Cc: stable@dpdk.org Signed-off-by: Jie Hai Acked-by: Chengwen Feng --- lib/security/rte_security.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/security/rte_security.c b/lib/security/rte_security.c index b082a290296b..e20d610172ef 100644 --- a/lib/security/rte_security.c +++ b/lib/security/rte_security.c @@ -496,13 +496,14 @@ security_handle_cryptodev_crypto_caps(const char *cmd __rte_unused, const char * int dev_id, capa_id; int crypto_caps_n; char *end_param; + char *sp = NULL; int rc; if (!params || strlen(params) == 0 || !isdigit(*params)) return -EINVAL; dev_id = strtoul(params, &end_param, 0); - capa_param = strtok(end_param, ","); + capa_param = strtok_r(end_param, ",", &sp); if (!capa_param || strlen(capa_param) == 0 || !isdigit(*capa_param)) return -EINVAL; -- 2.30.0