From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <olivier.matz@6wind.com>
Received: from mail-lf0-f41.google.com (mail-lf0-f41.google.com
 [209.85.215.41]) by dpdk.org (Postfix) with ESMTP id 6924A2C60
 for <dev@dpdk.org>; Mon,  4 Apr 2016 10:00:50 +0200 (CEST)
Received: by mail-lf0-f41.google.com with SMTP id p188so129802299lfd.0
 for <dev@dpdk.org>; Mon, 04 Apr 2016 01:00:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=6wind-com.20150623.gappssmtp.com; s=20150623;
 h=subject:to:references:cc:from:message-id:date:user-agent
 :mime-version:in-reply-to:content-transfer-encoding;
 bh=/2q1+vaJu+jvNUxuxwnxMUu/CrQUpLYzFt2VbMrfuWs=;
 b=Az6sWIIza32ZLP0eam4jciagNUuVbCYNK4jgBZ1UlEg6cmz/G3A987dwcHdHZtkUmt
 tJbZOKyAbo+7iK07CT1VhxlW3+Pqft8aq+Zm4vYjDbMPk+Mv3V/yFbLo3818ARHarrin
 kfhJey9zLHbqJXKaF67o2/pjQLmyDGRr50MK77C6xjIlo7GFBhda6l8palrIs/JcXkad
 HjedjJixfFmcN2mPXJhc1FFBitWSjpH8QFHi72yA9LqoG54xfVRtKldF5nghhR5WVsJb
 f8yhScinD67qfkDkFG2HsM7NirZhSpbVl33CSclVV+ux9hh5mcaH3ZS/UAETdnTvkpcH
 LFJg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:subject:to:references:cc:from:message-id:date
 :user-agent:mime-version:in-reply-to:content-transfer-encoding;
 bh=/2q1+vaJu+jvNUxuxwnxMUu/CrQUpLYzFt2VbMrfuWs=;
 b=LrMMMhNjCt3lfMjL+e7VpvMwtFjqt8e9BPONR8578gz1bivHIMJX2M3pSzjm86c08d
 H5FRatQxwwaXBMADaooF9cZhsOa5/X1eu9r68aUJumCSxmd0SbJ3Xz1bN4O88JlcIvdj
 BHHPbZ6LY8TbZmxM3EWzPaAtOxi47laNlwaS92FFqvZxn9M/rywc2i86AjUDQp0AdEbd
 ocvIvQlb3t1N1M8U8CsXn9/BPq6yrwOkDq247KLcZMab5Q/TNNJmsZg3zk6huLfE7nB6
 9Ys7vCeEw9JlfKiqXd6eL3lVZ5FFJYbqXRDuLuwY/Xa5mKGPnqFlct7+vI6QKXzdNDqQ
 VbMw==
X-Gm-Message-State: AD7BkJKw2uFkWk82VmcTMwYpdSl97tzLSobPw6pN5ji7uZj0N7eq1CWfafJIQFvy5L21B8Ak
X-Received: by 10.194.87.103 with SMTP id w7mr4652991wjz.13.1459756849841;
 Mon, 04 Apr 2016 01:00:49 -0700 (PDT)
Received: from [192.168.0.10] (was59-1-82-226-113-214.fbx.proxad.net.
 [82.226.113.214])
 by smtp.gmail.com with ESMTPSA id ll9sm27713494wjc.29.2016.04.04.01.00.48
 (version=TLSv1/SSLv3 cipher=OTHER);
 Mon, 04 Apr 2016 01:00:49 -0700 (PDT)
To: Piotr Azarewicz <piotrx.t.azarewicz@intel.com>
References: <1459510581-31392-1-git-send-email-piotrx.t.azarewicz@intel.com>
Cc: dev@dpdk.org
From: Olivier Matz <olivier.matz@6wind.com>
X-Enigmail-Draft-Status: N1110
Message-ID: <57021F2E.8070306@6wind.com>
Date: Mon, 4 Apr 2016 10:00:46 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101
 Icedove/38.6.0
MIME-Version: 1.0
In-Reply-To: <1459510581-31392-1-git-send-email-piotrx.t.azarewicz@intel.com>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit
Subject: Re: [dpdk-dev] [PATCH v1 1/1] cmdline: add any multi string mode to
	token string
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: patches and discussions about DPDK <dev.dpdk.org>
List-Unsubscribe: <http://dpdk.org/ml/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://dpdk.org/ml/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <http://dpdk.org/ml/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
X-List-Received-Date: Mon, 04 Apr 2016 08:00:51 -0000

Hi Piotr,

This is globally ok for me. Please see a comment below.

On 04/01/2016 01:36 PM, Piotr Azarewicz wrote:
> @@ -162,12 +174,15 @@ cmdline_parse_string(cmdline_parse_token_hdr_t *tk, const char *buf, void *res,
>  	}
>  
>  	if (res) {
> -		/* we are sure that token_len is < STR_TOKEN_SIZE-1 */
> -		snprintf(res, STR_TOKEN_SIZE, "%s", buf);
> -		*((char *)res + token_len) = 0;
> +		if ((sd->str != NULL) && (strcmp(sd->str, TOKEN_STRING_MULTI) == 0))
> +			snprintf(res, token_len + 1, "%s", buf);
> +		else {
> +			/* we are sure that token_len is < STR_TOKEN_SIZE-1 */
> +			snprintf(res, STR_TOKEN_SIZE, "%s", buf);
> +			*((char *)res + token_len) = 0;
> +		}
>  	}
>  

Using token_len + 1 as the buffer size in the snprintf looks a
bit dangerous, as it won't protect from overflows.

See the following example:


struct cmd_foo_result {
	cmdline_fixed_string_t args;
        cmdline_fixed_string_t foo;
};

static void
cmd_foo_parsed(void *parsed_result,
        __rte_unused struct cmdline *cl,
        __rte_unused void *data)
{
        struct cmd_foo_result *res = parsed_result;
        printf("foo=%s, args=%s\n", res->foo, res->args);
}

cmdline_parse_token_string_t cmd_foo_foo =
        TOKEN_STRING_INITIALIZER(struct cmd_foo_result, foo,
                                 "foo");
cmdline_parse_token_string_t cmd_foo_args =
        TOKEN_STRING_INITIALIZER(struct cmd_foo_result, args,
                TOKEN_STRING_MULTI);

cmdline_parse_inst_t cmd_foo = {
        .f = cmd_foo_parsed,  /* function to call */
        .data = NULL,      /* 2nd arg of func */
        .help_str = "test",
        .tokens = {        /* token list, NULL terminated */
                (void *)&cmd_foo_foo,
                (void *)&cmd_foo_args,
                NULL,
        },
};


The result will be:

# ok
RTE>>foo xxx
foo=foo, args=xxx

# not ok, args overflows in foo
RTE>>foo
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
foo=xxxxxxxxxxxxxxxxxxxxxxx,
args=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx


That's why snprintf() should still use STR_TOKEN_SIZE.


Regards,
Olivier