From: Ibtisam Tariq <ibtisam.tariq@emumba.com>
To: David Marchand <david.marchand@redhat.com>
Cc: "Kovacevic, Marko" <marko.kovacevic@intel.com>,
"Ananyev, Konstantin" <konstantin.ananyev@intel.com>,
"Pattan, Reshma" <reshma.pattan@intel.com>,
"Mcnamara, John" <john.mcnamara@intel.com>,
Cristian Dumitrescu <cristian.dumitrescu@intel.com>,
"Singh, Jasvinder" <jasvinder.singh@intel.com>,
"Xia, Chenbo" <chenbo.xia@intel.com>,
Maxime Coquelin <maxime.coquelin@redhat.com>,
Xiaoyun Li <xiaoyun.li@intel.com>, dev <dev@dpdk.org>
Subject: Re: [dpdk-dev] [PATCH 1/8] examples/fips_validation: enhance getopt_long usage
Date: Tue, 10 Nov 2020 11:10:09 +0500
Message-ID: <CA+8bGBuJxoao=J79o7Pqw_S8yrXjBHGVCzsynbanBkhxamfCDA@mail.gmail.com> (raw)
In-Reply-To: <CAJFAV8zEgU-Mpw9xWizXhP0Jr0OOvbqHEbDZd5dhngnTfr-EUA@mail.gmail.com>
Hello David,
IMHO, it cannot be moved to read_uint16 parser.
If we do, we can't verify that the user input value is greater than
UINT16 MAX or not on the overflow data.
> > + if (data_room_size == 0 ||
> > + data_room_size > UINT16_MAX) {
> > + cryptodev_fips_validate_usage(prgname);
> > + return -EINVAL;
> > + }
The temp variable:data_room_size is necessary to check the overflow of
the command line argument.
On Thu, Nov 5, 2020 at 1:59 PM David Marchand <david.marchand@redhat.com> wrote:
>
> Hello Ibtisam,
>
> On Wed, Nov 4, 2020 at 11:00 AM Ibtisam Tariq <ibtisam.tariq@emumba.com> wrote:
> > > + case MBUF_DATAROOM_KEYWORD_NUM:
> > > + {
> > > + uint32_t data_room_size;
> >
> > Here, I don't think we need a temp storage.
> > If the value is invalid, the parsing and then init will fail.
> > You can directly pass &env.mbuf_data_room to parser_read_uint32 and
> > check its value.
> >
> >
> >
> > >
> > > - env.mbuf_data_room = data_room_size;
> > > - } else {
> > > + if (parser_read_uint32(&data_room_size,
> > > + optarg) < 0) {
> > > cryptodev_fips_validate_usage(prgname);
> > > return -EINVAL;
> > > }
> > > +
> > > + if (data_room_size == 0 ||
> > > + data_room_size > UINT16_MAX) {
> > > + cryptodev_fips_validate_usage(prgname);
> > > + return -EINVAL;
> > > + }
> > > +
> > > + env.mbuf_data_room = data_room_size;
> > > +
> > > break;
> > > + }
> >
> > The type of env.mbuf_data_room is uint16_t and the temp variable type
> > is uint32_t. In my opinion, the temp variable size is bigger than
> > env.mbuf_data_room to handle overflow value.
>
> All of it could be moved to a read_uint16 parser.
> WDYT?
>
>
> --
> David Marchand
>
--
- Ibtisam
next prev parent reply other threads:[~2020-11-10 6:10 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-29 12:53 Ibtisam Tariq
2020-10-29 12:53 ` [dpdk-dev] [PATCH 2/8] examples/l3fwd-acl: " Ibtisam Tariq
2020-10-29 12:53 ` [dpdk-dev] [PATCH 3/8] examples/packet_ordering: " Ibtisam Tariq
2020-10-29 12:53 ` [dpdk-dev] [PATCH 4/8] examples/performance-thread/l3fwd-thread: " Ibtisam Tariq
2020-10-29 12:53 ` [dpdk-dev] [PATCH 5/8] examples/qos_sched: " Ibtisam Tariq
2020-10-29 12:53 ` [dpdk-dev] [PATCH 6/8] examples/vhost: " Ibtisam Tariq
2020-10-29 12:53 ` [dpdk-dev] [PATCH 7/8] examples/vhost_crypto: " Ibtisam Tariq
2020-10-29 12:53 ` [dpdk-dev] [PATCH 8/8] examples/tep_termination: " Ibtisam Tariq
2020-10-29 13:16 ` David Marchand
2020-11-02 8:18 ` Ibtisam Tariq
2020-10-29 22:07 ` [dpdk-dev] [PATCH 1/8] examples/fips_validation: " David Marchand
2020-11-02 8:32 ` Ibtisam Tariq
2020-11-04 10:00 ` Ibtisam Tariq
2020-11-05 8:59 ` David Marchand
2020-11-10 6:10 ` Ibtisam Tariq [this message]
2020-11-10 8:23 ` David Marchand
2020-11-10 9:03 ` Ibtisam Tariq
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CA+8bGBuJxoao=J79o7Pqw_S8yrXjBHGVCzsynbanBkhxamfCDA@mail.gmail.com' \
--to=ibtisam.tariq@emumba.com \
--cc=chenbo.xia@intel.com \
--cc=cristian.dumitrescu@intel.com \
--cc=david.marchand@redhat.com \
--cc=dev@dpdk.org \
--cc=jasvinder.singh@intel.com \
--cc=john.mcnamara@intel.com \
--cc=konstantin.ananyev@intel.com \
--cc=marko.kovacevic@intel.com \
--cc=maxime.coquelin@redhat.com \
--cc=reshma.pattan@intel.com \
--cc=xiaoyun.li@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
DPDK patches and discussions
This inbox may be cloned and mirrored by anyone:
git clone --mirror https://inbox.dpdk.org/dev/0 dev/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 dev dev/ https://inbox.dpdk.org/dev \
dev@dpdk.org
public-inbox-index dev
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://inbox.dpdk.org/inbox.dpdk.dev
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git