From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id 6C7E3A00C5; Thu, 30 Apr 2020 14:55:52 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 49E7F1DBC7; Thu, 30 Apr 2020 14:55:52 +0200 (CEST) Received: from mail-vk1-f195.google.com (mail-vk1-f195.google.com [209.85.221.195]) by dpdk.org (Postfix) with ESMTP id A26681DBB6 for ; Thu, 30 Apr 2020 14:55:50 +0200 (CEST) Received: by mail-vk1-f195.google.com with SMTP id j1so1690039vkc.2 for ; Thu, 30 Apr 2020 05:55:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=broadcom.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=mLzO2/hZf2cumToWnw78JAvVXFvhDAnZAlsmm2mY3LE=; b=NRX/e11SfN0GFaZIvEImo6LQhFCnQ8iEtigx2RRhR22dOFdSzQXdPWJiGx+6Wq2+ob nn1XHi3ZR78s2lM4ta1h7VsZz6xQOSiXuPENOnHMmEoqgWMGYv03C1hb7HSR5nfSL0TG /fQmrOonKd+qWx+OjIUkxUsG1xYh1hrJ2N73A= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=mLzO2/hZf2cumToWnw78JAvVXFvhDAnZAlsmm2mY3LE=; b=exIJKWzgcLSjMAZGF1iXURzS7SX/nWtfF76n80ePtKBnSlPrwQUao7rz4yIULHGk2B ScNMh1H4GhX+IQ1g2cvesejCVrC5jdnVqhMvNhTsnBNo7tQHmg3dML42ox/g0GOof5jT BgDoCoFsHW/FigvAfeLX/teR0cU+LCRc043Ghpp/UwWmsfEgyxk9iV5Igaj+/i6myDoZ YqPG3fR7scDBX4U+mr3X7zOChjyez+wVsrqXEgmnfYuMoUzn0cvse9WaHX9DwG7UXvSD tZTWx1fTGRFmJwNezSn9dbidAsmWnMDoyRBdd6sVLQy/0E5iB8tUu+b/ZkTv9eJOSGJa SVhg== X-Gm-Message-State: AGi0PuZ8ZxAiZ+CJL89YvsB+SskpB87PC0FuALSjXURP7jW6bkkRKeEx jnyEXDTAWIaCIscJoi2dQHMOzExBvb9IDWLhHPcrYw== X-Google-Smtp-Source: APiQypJHE79fp3Cbd7Uo5jrZeytiaoRpTo9e4/+fBUFZbwb31mgSTSqgRzcKvfdJvNdKC9UlBbD1KsstIRgrC+/6+BM= X-Received: by 2002:a1f:4a84:: with SMTP id x126mr2503836vka.3.1588251349876; Thu, 30 Apr 2020 05:55:49 -0700 (PDT) MIME-Version: 1.0 References: <1588248312-7410-1-git-send-email-yuanlinsi01@baidu.com> In-Reply-To: <1588248312-7410-1-git-send-email-yuanlinsi01@baidu.com> From: Somnath Kotur Date: Thu, 30 Apr 2020 18:25:38 +0530 Message-ID: To: yuanlinsi01 , Lance Richardson Cc: Ajit Kumar Khaparde , dev Content-Type: text/plain; charset="UTF-8" Subject: Re: [dpdk-dev] [PATCH] net/bnxt: fix a possible stack smashing X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" +Lance Richardson Thanks for the patch, could you please add the 'Fixes' tag as well ? On Thu, Apr 30, 2020 at 5:35 PM yuanlinsi01 wrote: > > We see a stack smashing as a result of defensive code missing. Once the > nb_pkts is less than RTE_BNXT_DESCS_PER_LOOP, it will be modified to > zero after doing a floor align, and we can not exit the following > receiving packets loop. And the buffers will be overwrite, then the > stack frame was ruined. > > Fix the problem by adding defensive code, once the nb_pkts is zero, just > directly return with no packets. > > Signed-off-by: yuanlinsi01 > Signed-off-by: rongdongsheng > --- > drivers/net/bnxt/bnxt_rxtx_vec_sse.c | 7 ++++++- > 1 file changed, 6 insertions(+), 1 deletion(-) > > diff --git a/drivers/net/bnxt/bnxt_rxtx_vec_sse.c b/drivers/net/bnxt/bnxt_rxtx_vec_sse.c > index d0e7910e7..c4adccdbc 100644 > --- a/drivers/net/bnxt/bnxt_rxtx_vec_sse.c > +++ b/drivers/net/bnxt/bnxt_rxtx_vec_sse.c > @@ -233,8 +233,13 @@ bnxt_recv_pkts_vec(void *rx_queue, struct rte_mbuf **rx_pkts, > /* Return no more than RTE_BNXT_MAX_RX_BURST per call. */ > nb_pkts = RTE_MIN(nb_pkts, RTE_BNXT_MAX_RX_BURST); > > - /* Make nb_pkts an integer multiple of RTE_BNXT_DESCS_PER_LOOP */ > + /* > + * Make nb_pkts an integer multiple of RTE_BNXT_DESCS_PER_LOOP > + * nb_pkts < RTE_BNXT_DESCS_PER_LOOP, just return no packet > + */ > nb_pkts = RTE_ALIGN_FLOOR(nb_pkts, RTE_BNXT_DESCS_PER_LOOP); > + if (!nb_pkts) > + return 0; > > /* Handle RX burst request */ > while (1) { > -- > 2.11.0 >