From: Ibtisam Tariq <ibtisam.tariq@emumba.com> To: David Marchand <david.marchand@redhat.com> Cc: "Kovacevic, Marko" <marko.kovacevic@intel.com>, "Ananyev, Konstantin" <konstantin.ananyev@intel.com>, "Pattan, Reshma" <reshma.pattan@intel.com>, "Mcnamara, John" <john.mcnamara@intel.com>, Cristian Dumitrescu <cristian.dumitrescu@intel.com>, "Singh, Jasvinder" <jasvinder.singh@intel.com>, "Xia, Chenbo" <chenbo.xia@intel.com>, Maxime Coquelin <maxime.coquelin@redhat.com>, Xiaoyun Li <xiaoyun.li@intel.com>, dev <dev@dpdk.org> Subject: Re: [dpdk-dev] [PATCH 1/8] examples/fips_validation: enhance getopt_long usage Date: Tue, 10 Nov 2020 11:10:09 +0500 Message-ID: <CA+8bGBuJxoao=J79o7Pqw_S8yrXjBHGVCzsynbanBkhxamfCDA@mail.gmail.com> (raw) In-Reply-To: <CAJFAV8zEgU-Mpw9xWizXhP0Jr0OOvbqHEbDZd5dhngnTfr-EUA@mail.gmail.com> Hello David, IMHO, it cannot be moved to read_uint16 parser. If we do, we can't verify that the user input value is greater than UINT16 MAX or not on the overflow data. > > + if (data_room_size == 0 || > > + data_room_size > UINT16_MAX) { > > + cryptodev_fips_validate_usage(prgname); > > + return -EINVAL; > > + } The temp variable:data_room_size is necessary to check the overflow of the command line argument. On Thu, Nov 5, 2020 at 1:59 PM David Marchand <david.marchand@redhat.com> wrote: > > Hello Ibtisam, > > On Wed, Nov 4, 2020 at 11:00 AM Ibtisam Tariq <ibtisam.tariq@emumba.com> wrote: > > > + case MBUF_DATAROOM_KEYWORD_NUM: > > > + { > > > + uint32_t data_room_size; > > > > Here, I don't think we need a temp storage. > > If the value is invalid, the parsing and then init will fail. > > You can directly pass &env.mbuf_data_room to parser_read_uint32 and > > check its value. > > > > > > > > > > > > - env.mbuf_data_room = data_room_size; > > > - } else { > > > + if (parser_read_uint32(&data_room_size, > > > + optarg) < 0) { > > > cryptodev_fips_validate_usage(prgname); > > > return -EINVAL; > > > } > > > + > > > + if (data_room_size == 0 || > > > + data_room_size > UINT16_MAX) { > > > + cryptodev_fips_validate_usage(prgname); > > > + return -EINVAL; > > > + } > > > + > > > + env.mbuf_data_room = data_room_size; > > > + > > > break; > > > + } > > > > The type of env.mbuf_data_room is uint16_t and the temp variable type > > is uint32_t. In my opinion, the temp variable size is bigger than > > env.mbuf_data_room to handle overflow value. > > All of it could be moved to a read_uint16 parser. > WDYT? > > > -- > David Marchand > -- - Ibtisam
next prev parent reply other threads:[~2020-11-10 6:10 UTC|newest] Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top 2020-10-29 12:53 Ibtisam Tariq 2020-10-29 12:53 ` [dpdk-dev] [PATCH 2/8] examples/l3fwd-acl: " Ibtisam Tariq 2020-10-29 12:53 ` [dpdk-dev] [PATCH 3/8] examples/packet_ordering: " Ibtisam Tariq 2020-10-29 12:53 ` [dpdk-dev] [PATCH 4/8] examples/performance-thread/l3fwd-thread: " Ibtisam Tariq 2020-10-29 12:53 ` [dpdk-dev] [PATCH 5/8] examples/qos_sched: " Ibtisam Tariq 2020-10-29 12:53 ` [dpdk-dev] [PATCH 6/8] examples/vhost: " Ibtisam Tariq 2020-10-29 12:53 ` [dpdk-dev] [PATCH 7/8] examples/vhost_crypto: " Ibtisam Tariq 2020-10-29 12:53 ` [dpdk-dev] [PATCH 8/8] examples/tep_termination: " Ibtisam Tariq 2020-10-29 13:16 ` David Marchand 2020-11-02 8:18 ` Ibtisam Tariq 2020-10-29 22:07 ` [dpdk-dev] [PATCH 1/8] examples/fips_validation: " David Marchand 2020-11-02 8:32 ` Ibtisam Tariq 2020-11-04 10:00 ` Ibtisam Tariq 2020-11-05 8:59 ` David Marchand 2020-11-10 6:10 ` Ibtisam Tariq [this message] 2020-11-10 8:23 ` David Marchand 2020-11-10 9:03 ` Ibtisam Tariq
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to='CA+8bGBuJxoao=J79o7Pqw_S8yrXjBHGVCzsynbanBkhxamfCDA@mail.gmail.com' \ --to=ibtisam.tariq@emumba.com \ --cc=chenbo.xia@intel.com \ --cc=cristian.dumitrescu@intel.com \ --cc=david.marchand@redhat.com \ --cc=dev@dpdk.org \ --cc=jasvinder.singh@intel.com \ --cc=john.mcnamara@intel.com \ --cc=konstantin.ananyev@intel.com \ --cc=marko.kovacevic@intel.com \ --cc=maxime.coquelin@redhat.com \ --cc=reshma.pattan@intel.com \ --cc=xiaoyun.li@intel.com \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
DPDK patches and discussions This inbox may be cloned and mirrored by anyone: git clone --mirror https://inbox.dpdk.org/dev/0 dev/git/0.git # If you have public-inbox 1.1+ installed, you may # initialize and index your mirror using the following commands: public-inbox-init -V2 dev dev/ https://inbox.dpdk.org/dev \ dev@dpdk.org public-inbox-index dev Example config snippet for mirrors. Newsgroup available over NNTP: nntp://inbox.dpdk.org/inbox.dpdk.dev AGPL code for this site: git clone https://public-inbox.org/public-inbox.git