From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 8561CA0C4C; Thu, 14 Oct 2021 10:34:50 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 75957411B6; Thu, 14 Oct 2021 10:34:50 +0200 (CEST) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mails.dpdk.org (Postfix) with ESMTP id A9C2D40041 for ; Thu, 14 Oct 2021 10:34:49 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1634200489; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=UngY+p+jFnU8QX1YacV7pugy+4w39RTMbIf/8FXAszg=; b=iSGbGrfNkfVaI63/GEE1RDR/bXHoaglXmfyQUMV6QNGjRFDZZwSHahfsFwbu+5Baa8tu0m XlnxjvsFrEXFjKckqXUJUL9T5Az55GZyNun+rHkFP0d6DHxE4KD/JNuu5Dy/RR9S4dO0kL FE0TSb0KdsiFvZnYBUz2umGEztS5hdA= Received: from mail-lf1-f69.google.com (mail-lf1-f69.google.com [209.85.167.69]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-452-oL9mO9uLPCCblNBmaIw4gQ-1; Thu, 14 Oct 2021 04:34:35 -0400 X-MC-Unique: oL9mO9uLPCCblNBmaIw4gQ-1 Received: by mail-lf1-f69.google.com with SMTP id k18-20020a05651210d200b003fd86616d39so3868633lfg.2 for ; Thu, 14 Oct 2021 01:34:35 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=UngY+p+jFnU8QX1YacV7pugy+4w39RTMbIf/8FXAszg=; b=VcklYgr8l+KnHSMpHX+z9WUmO7Yizd8XBhMI4rDbZBGXNW0PE6EoQmSosM9IF6Dwdp TX2BO1VsafeLdt3wlYqBkj2ipL8RXbMGwNGhTkL3/3p3Neo8zo6xFe2s4tEbPTU9LmjS c+GtKOSNTkAIprEcKPAmNDyHD4yH+IZhQBgTFRcJU4IoDZJNDu84MG0Gib8/wNlqHl9i 8kY24Y6i0D4YvPK4XIVUYXtmWUqaCqVpAL+6FFb3+aOR/ldOjIQsdYyMgw3bSvmu+eKm Lh8xsUdwUjxz7ectffMu/3Kh0A7dEhpBcPxHNDAOdz28JwLFTs3DPhxtZEtPhC5FlWQb /X3Q== X-Gm-Message-State: AOAM530WbA/6TLhOZtZ4jH59I90SqjA60S4U7Dj0E2sULJHF2D1ZGWNq fDBDNV+ctMOAZrhoXDg5hShC4CvOR2Dj+HTpORYAmQnHlS5WTjyf9izVpCr3KkcoEeLhG2G2ybD pEVyhX/qS8MMnLwSvi7g= X-Received: by 2002:a05:6512:31c3:: with SMTP id j3mr3941514lfe.217.1634200474085; Thu, 14 Oct 2021 01:34:34 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwGTJ1XerKKrEp0IUZI0WrANhkdQaoJ4+MekZesuEuAHmnw7ViJF5PjLubORFKU2fNEiBWyPOlMdYlgGBcwSTA= X-Received: by 2002:a05:6512:31c3:: with SMTP id j3mr3941492lfe.217.1634200473812; Thu, 14 Oct 2021 01:34:33 -0700 (PDT) MIME-Version: 1.0 References: <1633728526-197782-1-git-send-email-vladimir.medvedkin@intel.com> <1634153265-193315-1-git-send-email-vladimir.medvedkin@intel.com> In-Reply-To: <1634153265-193315-1-git-send-email-vladimir.medvedkin@intel.com> From: David Marchand Date: Thu, 14 Oct 2021 10:34:22 +0200 Message-ID: To: Vladimir Medvedkin Cc: dev , "Wang, Yipeng1" , "Gobriel, Sameh" , Bruce Richardson , dpdk stable Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=dmarchan@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="UTF-8" Subject: Re: [dpdk-dev] [PATCH v2] test/hash: fix buffer overflow X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" On Wed, Oct 13, 2021 at 9:28 PM Vladimir Medvedkin wrote: > > This patch fixes buffer overflow reported by ASAN, > please reference https://bugs.dpdk.org/show_bug.cgi?id=818 > > Some tests for the rte_hash table use the rte_jhash_32b() as > the hash function. This hash function interprets the length > argument in units of 4 bytes. > > This patch divides configured key length by 4 in cases when > rte_jhash_32b() is used. > > For some tests rte_jhash() is used with keys of length not > a multiple of 4 bytes. From the rte_jhash() documentation: > If input key is not aligned to four byte boundaries or a > multiple of four bytes in length, the memory region just > after may be read (but not used in the computation). > > This patch increases the size of the proto field of the > flow_key struct up to uint32_t and sets the alignment to 4 bytes. > > Bugzilla ID: 818 > Fixes: af75078fece3 ("first public release") > Cc: stable@dpdk.org > > Signed-off-by: Vladimir Medvedkin > --- > app/test/test_hash.c | 10 ++++++---- > 1 file changed, 6 insertions(+), 4 deletions(-) > > diff --git a/app/test/test_hash.c b/app/test/test_hash.c > index bd4d0cb..e3f2d29 100644 > --- a/app/test/test_hash.c > +++ b/app/test/test_hash.c > @@ -80,8 +80,8 @@ struct flow_key { > uint32_t ip_dst; > uint16_t port_src; > uint16_t port_dst; > - uint8_t proto; > -} __rte_packed; > + uint32_t proto; > +} __rte_packed __rte_aligned(sizeof(uint32_t)); If in the future, we add a field not multiple of sizeof(uint32_t), there will be some padding at the end of the structure. I *think* holes and padding content is undefined for initialized objects (though maybe things could be different with objects in .data ?). That's probably something to confirm. If this is the case, the hash function would consider random data. I think growing the proto field to uint32_t like you did is the right fix since the whole structure is now naturally uint32_t aligned. But I would remove the aligned attribute and prefer RTE_BUILD_BUG(sizeof(struct flow_key) % sizeof(sizeof(uint32_t)) != 0). Maybe add a comment to explain we keep the packed attribute to avoid holes with potentially undefined content in the middle of this struct. -- David Marchand