From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga09.intel.com (mga09.intel.com [134.134.136.24]) by dpdk.org (Postfix) with ESMTP id 55A552B9C for ; Mon, 25 Feb 2019 12:52:14 +0100 (CET) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga002.jf.intel.com ([10.7.209.21]) by orsmga102.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 25 Feb 2019 03:52:13 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.58,411,1544515200"; d="scan'208";a="136988775" Received: from irsmsx110.ger.corp.intel.com ([163.33.3.25]) by orsmga002.jf.intel.com with ESMTP; 25 Feb 2019 03:52:11 -0800 Received: from irsmsx101.ger.corp.intel.com ([169.254.1.185]) by irsmsx110.ger.corp.intel.com ([169.254.15.86]) with mapi id 14.03.0415.000; Mon, 25 Feb 2019 11:52:10 +0000 From: "Trahe, Fiona" To: Anoob Joseph , Akhil Goyal , "Doherty, Declan" , "De Lara Guarch, Pablo" , "Yigit, Ferruh" , Thomas Monjalon CC: Jerin Jacob Kollanukkaran , "Narayana Prasad Raju Athreya" , "dev@dpdk.org" , Ankur Dwivedi Thread-Topic: [PATCH] lib/cryptodev: fix driver name comparison Thread-Index: AQHUvHxsntNewzBh2Ey4taeN+7Qt9aXo7DZAgAGkSYCAAMGkYIAAvGkQgADywKCAA4WCgA== Date: Mon, 25 Feb 2019 11:52:09 +0000 Message-ID: <348A99DA5F5B7549AA880327E580B435896F6EC3@IRSMSX101.ger.corp.intel.com> References: <1549279528-10397-1-git-send-email-anoobj@marvell.com> <348A99DA5F5B7549AA880327E580B435896F431A@IRSMSX101.ger.corp.intel.com> <348A99DA5F5B7549AA880327E580B435896F4E65@IRSMSX101.ger.corp.intel.com> In-Reply-To: Accept-Language: en-IE, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiZmI5M2ZmMmMtZDU5YS00MjEyLThjMTQtY2RmNzQ5ZGE3NTNlIiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX05UIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE3LjEwLjE4MDQuNDkiLCJUcnVzdGVkTGFiZWxIYXNoIjoiaWpsb0FQcEZYQ2VDSmhyQlwvUmhtSmJ4Rm1nQTkxXC9aeDgzVldmbHliUGF0MnJOYTU2YjVqOWxYVFlhSXI3Mlc3In0= x-ctpclassification: CTP_NT dlp-product: dlpe-windows dlp-version: 11.0.400.15 dlp-reaction: no-action x-originating-ip: [163.33.239.180] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: Re: [dpdk-dev] [PATCH] lib/cryptodev: fix driver name comparison X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 Feb 2019 11:52:14 -0000 Hi Anoob > -----Original Message----- > From: Anoob Joseph [mailto:anoobj@marvell.com] > Sent: Saturday, February 23, 2019 6:12 AM > To: Trahe, Fiona ; Akhil Goyal ; Doherty, Declan > ; De Lara Guarch, Pablo ; Yigit, Ferruh > ; Thomas Monjalon > Cc: Jerin Jacob Kollanukkaran ; Narayana Prasad Raju = Athreya > ; dev@dpdk.org; Ankur Dwivedi > Subject: RE: [PATCH] lib/cryptodev: fix driver name comparison >=20 > Hi Fiona, >=20 > > -----Original Message----- > > From: Trahe, Fiona > > Sent: Friday, February 22, 2019 9:09 PM > > To: Anoob Joseph ; Akhil Goyal ; > > Doherty, Declan ; De Lara Guarch, Pablo > > > > Cc: Jerin Jacob Kollanukkaran ; Narayana Prasad Raj= u > > Athreya ; dev@dpdk.org; Ankur Dwivedi > > ; Trahe, Fiona > > Subject: RE: [PATCH] lib/cryptodev: fix driver name comparison > > > > Hi Anoob, > > > > > > > > @@ -542,8 +543,8 @@ rte_cryptodev_get_dev_id(const char *name) > > > > > > return -1; > > > > > > > > > > > > for (i =3D 0; i < cryptodev_globals.nb_devs; i++) > > > > > > - if ((strcmp(cryptodev_globals.devs[i].data->name, name) > > > > > > - =3D=3D 0) && > > > > > > + if ((strncmp(cryptodev_globals.devs[i].data->name, > > name, > > > > > > + RTE_CRYPTODEV_NAME_MAX_LEN) > > =3D=3D 0) > > > > && > > > > [Fiona] Is this safe? The const passed to this may not be the full > > > > length of RTE_CRYPTODEV_NAME_MAX_LEN. Does this prototype need to > > > > specify that a full length const filled with trailing zeros must be > > > > passed in? And if so is this an ABI breakage? > > > > > > > > > > [Anoob] strcmp itself is not safe when we have buffers which are not > > > NULL terminated. Strncmp will make sure the check won't exceed > > RTE_CRYPTODEV_NAME_MAX_LEN. > > > > > > From man page, "The strncmp() function is similar, except it only > > > compares the first (at most) n bytes of > > > s1 and s2." > > > > > > The main issue here is the usage of strncmp with strlen(driver_name), > > > as in the below cases. Strlen will return string length, which doesn'= t > > > include \0. strcmp is good enough to fix the issue. But usage of > > > strcmp would assume that the const is filled with trailing zero. IMO,= none of > > these options are really safe. So please advise on what would be the be= st > > solution here. I'll revise the patch accordingly. > > [Fiona] I agree and think it is safest as you've coded it. However I'd = suggest > > adding a comment on the relevant APIs saying that the string must be pa= ssed in > > in a buffer of size with trailing zeros. >=20 > [Anoob] Do you want this patch to address that? And wouldn't specifying s= omething like that explicitly, be > an ABI breakage? [Fiona] Yes, I think it should be in this patch as this patch is causing it= . But it's up to the maintainers what's acceptable - it seems to me that it's= an ABI breakage, avoiding saying it explicitly doesn't make it less so. =20 >=20 > Also, I think the same is applicable for other similar functions (rte_eth= _dev_get_port_by_name() etc), > wherever we expect a string. Please do share your thoughts on what all I = should include in this patch. >=20 > Thanks, > Anoob