From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dev-bounces@dpdk.org>
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 9AE46A0093;
	Wed,  9 Mar 2022 20:07:06 +0100 (CET)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 5C3C240395;
	Wed,  9 Mar 2022 20:07:06 +0100 (CET)
Received: from out4-smtp.messagingengine.com (out4-smtp.messagingengine.com
 [66.111.4.28]) by mails.dpdk.org (Postfix) with ESMTP id 0B9B94013F
 for <dev@dpdk.org>; Wed,  9 Mar 2022 20:07:05 +0100 (CET)
Received: from compute3.internal (compute3.nyi.internal [10.202.2.43])
 by mailout.nyi.internal (Postfix) with ESMTP id AC30F5C021B;
 Wed,  9 Mar 2022 14:07:04 -0500 (EST)
Received: from mailfrontend1 ([10.202.2.162])
 by compute3.internal (MEProxy); Wed, 09 Mar 2022 14:07:04 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=monjalon.net; h=
 cc:cc:content-transfer-encoding:content-type:date:date:from:from
 :in-reply-to:in-reply-to:message-id:mime-version:references
 :reply-to:sender:subject:subject:to:to; s=fm1; bh=4641Alo+YDqPLc
 b2dsu1PEbGrVcPEPHnIvzLhwX4aSs=; b=loRedYAUuyNbkIv7FXf6pUN4f5p2nT
 vhxahVhuT/99z4tqQZC1dAIjAyVTFuVDdP9orA0ImsbtemKv5s4lBnq5vVlxwIYW
 QCDpzFZVxrXhJ4h3s3qn8hfngxDVlKwmjKjr5S5N0C3BS9m8Od0y5Y7xB/203WDL
 KN8/ueBAAFCeqdFLfSmRa2yIZLUol60viX09PMJi+6zhFdFe8J5hRO4GETHEsFow
 lIQGBAmi6b2xLjn9Xl8vEO2rVnmMdN5GHc/vNOhCnJrk+oeq1CsJcNAH6PRR5x4S
 wbxU2hn/ztL2QXKETT7IzqVc7O+aLRuOmEJqtYV/CrivwVjwYM5shOrw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=cc:cc:content-transfer-encoding
 :content-type:date:date:from:from:in-reply-to:in-reply-to
 :message-id:mime-version:references:reply-to:sender:subject
 :subject:to:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender
 :x-sasl-enc; s=fm2; bh=4641Alo+YDqPLcb2dsu1PEbGrVcPEPHnIvzLhwX4a
 Ss=; b=D1jXIKCuq1GZzA8CoIORMnTGwHjQ2LVQXrp2mUfs6Ev0IT/tVmo4UEREe
 5pqY7rum4CJFSzvxBrkP6AQy6hqWf/3P5KxBVlvjnlTDbPXtUMbo+F97cyRZIDmL
 LEwmSM4FmP/TOCXspjkq4QhJFETbrH41udFisuYrJyirtlevL5AxwweIxx+XKhDQ
 YzNrrML4Rlonf2ICGiHN1uJg3iecj2scA1eLFmeIviE6J7hEJkSORijK0FBHBBZU
 wPq8z8+SvruxhyIeOEfs61yvZcQWMhVgoroxwv4kpzX1QTO1YYNXVnMoVD/DQ1z/
 GfhWzpA1d1s5M7DK5U5HgLuiU3mqQ==
X-ME-Sender: <xms:2PooYjpgEO8v_nMR3eaElP4ZnNwrg8JO1McoBa9lUd_wj5HVm-zndg>
 <xme:2PooYtow28lXHoXGbz2pUXVh_jUSZRgE3n2Lcn8wq9jCdqosCfPKDsReEIq765KP9
 kVQ7CjfVuSQVyR0hg>
X-ME-Received: <xmr:2PooYgMBkOzrScJSY5_g6WNXAXtHtmI3N9PuRe1dMH9lFf1pUVdxvN9KJLyQYcTdLLfwlgI0m-lKEvdSqm2-luONDg>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvvddruddukedguddulecutefuodetggdotefrod
 ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh
 necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd
 enucfjughrpefhvffufffkjghfggfgtgesthfuredttddtvdenucfhrhhomhepvfhhohhm
 rghsucfoohhnjhgrlhhonhcuoehthhhomhgrshesmhhonhhjrghlohhnrdhnvghtqeenuc
 ggtffrrghtthgvrhhnpedtgeefudfgfeekteevgeejieejteffudffleehfeevvddtgeet
 iefhhedugfegueenucffohhmrghinhepghhouggsohhlthdrohhrghenucevlhhushhtvg
 hrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehthhhomhgrshesmhhonhhj
 rghlohhnrdhnvght
X-ME-Proxy: <xmx:2PooYm6M4Oe41lY4iVahCQOBqHlCygXGL9bo1sn1gyaxfiflxTS4ug>
 <xmx:2PooYi5jco6tS8gBH917NSe0QNGrCkwq7AoND6Y2w0taCyeHEfv_cA>
 <xmx:2PooYugqHj-2808mYIFCT8Yo-OxBw0n-xQjoqa4xM4rXGkKVrm2lAw>
 <xmx:2PooYiFoyQzIO3VDne9LTaH5zYZkaGPYnrw_KY0xdQdfS2o2q0qBPA>
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Wed,
 9 Mar 2022 14:07:03 -0500 (EST)
From: Thomas Monjalon <thomas@monjalon.net>
To: Rahul Bhansali <rbhansali@marvell.com>
Cc: "dev@dpdk.org" <dev@dpdk.org>,
 "david.marchand@redhat.com" <david.marchand@redhat.com>,
 Conor Walsh <conor.walsh@intel.com>
Subject: Re: [EXT] Re: [PATCH] examples/l3fwd: resolve stack buffer overflow
 issue
Date: Wed, 09 Mar 2022 20:07:02 +0100
Message-ID: <8029134.GJh79HuArf@thomas>
In-Reply-To: <CO6PR18MB3844B0B47EFA841F04E2CA62B80A9@CO6PR18MB3844.namprd18.prod.outlook.com>
References: <20220111125005.554635-1-rbhansali@marvell.com>
 <4698000.9Mp67QZiUf@thomas>
 <CO6PR18MB3844B0B47EFA841F04E2CA62B80A9@CO6PR18MB3844.namprd18.prod.outlook.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 7Bit
Content-Type: text/plain; charset="us-ascii"
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

09/03/2022 16:24, Rahul Bhansali:
> Hi Thomas,
> 
> From: Thomas Monjalon <thomas@monjalon.net>
> > 11/01/2022 13:50, Rahul Bhansali:
> > >  		/* copy rest of the packets into the TX buffer. */
> > >  		len = num - n;
> > > +		if (len == 0)
> > > +			goto exit;
> > > +
> > 
> > I don't understand how it can fix something.
> > There is already  "while (j < len)" with j and len being 0, the loop should not be
> > effective in this case.
> 
> This Switch will execute Case statement first even before considering the while condition or anything else before case statement. While condition will be executed only after all switch cases are executed.

I don't know this construct. Is it part of the C standard?
We learn something everyday :)

> Hence in case of len = 0 and n > 28, it is throwing stack buffer overflow error.
> 
> Below is sample code to simulate the while loop behavior inside switch. Checked it for both x86 and arm64.
> https://godbolt.org/z/4Kecqbsde 
> 
> > 
> > >  		j = 0;
> > >  		switch (len % FWDSTEP) {
> > >  		while (j < len) {