From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <cata.vasile@nxp.com>
Received: from EUR01-VE1-obe.outbound.protection.outlook.com
 (mail-ve1eur01on0054.outbound.protection.outlook.com [104.47.1.54])
 by dpdk.org (Postfix) with ESMTP id 84F096A5B
 for <dev@dpdk.org>; Wed,  6 Jul 2016 11:23:22 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nxp.com; s=selector1; 
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version;
 bh=HxxKOmDs5Fmw09QDOnbwHg3Ws6V8c6sJZUOiu1sA5K4=;
 b=ps741eXeKXJtIy8neus20pHcz2NZVyzN0sRpSbvHpt7AzqHfrjsuj9LJEJxdf9S9Tvvdde11yLScZKYrAjV0+cCxImk0K9Uu1LZj943pXJs0Cyoq/B70aLhs1OKw7zPLqiHdzQKyXYqLsD9eUlwNOwVBR1skw6gNLtSU5ZiJgYU=
Received: from DB5PR04MB1302.eurprd04.prod.outlook.com (10.162.156.156) by
 DB5PR04MB1301.eurprd04.prod.outlook.com (10.162.156.155) with Microsoft SMTP
 Server (TLS) id 15.1.528.16; Wed, 6 Jul 2016 09:23:20 +0000
Received: from DB5PR04MB1302.eurprd04.prod.outlook.com ([10.162.156.156]) by
 DB5PR04MB1302.eurprd04.prod.outlook.com ([10.162.156.156]) with mapi id
 15.01.0528.023; Wed, 6 Jul 2016 09:23:21 +0000
From: Catalin Vasile <cata.vasile@nxp.com>
To: "dev@dpdk.org" <dev@dpdk.org>
Thread-Topic: [app/test/test_cryptodev.c] setup_test_string() - buffer
 overflow, segfault
Thread-Index: AQHR12bPvHuvg3VkgEuFPHDDB2xBEA==
Date: Wed, 6 Jul 2016 09:23:21 +0000
Message-ID: <DB5PR04MB1302A74963BB0F0D0DB57182EE3A0@DB5PR04MB1302.eurprd04.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
authentication-results: spf=none (sender IP is )
 smtp.mailfrom=cata.vasile@nxp.com; 
x-originating-ip: [132.245.56.101]
x-ms-office365-filtering-correlation-id: 46267fa3-01ad-4f19-6ec4-08d3a57f2c4b
x-microsoft-exchange-diagnostics: 1; DB5PR04MB1301;
 6:g3Sc5HeLU3fZqs7cNX2zf4ArPpmqraLOeieqBASoRWUV455zgdyqFOYMMcJ2C6q8FosKWXmqevnpMiU5SbkfENrIA/b2fPat+GwEkps9OJEAqo3bkeCPB6+LGVRHAWFoVPfGN/ubXAJF/bjOK2PMmu4dgf9Gf4bosVqhRPuAju5xz0yupoyfnXuKONgvnsusZqjs1pmb9L+Ktr7acpuf56EdbVHXogJ6a+3oa9FddQty5sCtAZyS4a3FxTt3t1I4JR25/38JcxelJLhx5eCADRmuCpJTz3OHhzuFHmwpfw3LKxcK64DQQDL5KsNT3k9p0BhN/Sa2wZedZ+uUcZ5zxg==;
 5:UkXfQBDhpu7i0FO4/UsCYJetkLFBBd/RQ5BoWonoQ4Y/LBzXdzUu+natIDGCilYU3RmWrzgrpyS9Y0D6lDVnGLqjflvv2CuwR/x7E8H/MGgOiDbxYERZtXe4fUZupJPYWzawl+9Tu2WoLQy2YneuKQ==;
 24:paHVLywJ35xgLFP/LguE9yirLQmpZuJsMu6vQRQy61MAANjctlW9A6sVM9oEeECjo9E7ugyI3aL88usFElX8Z0i+WSnzFLCCtRk+WNMqcrI=;
 7:uy9CfNHG1MODXYe440TL3UzU0mp3jwDdh0lGlLFLVlDXKmqjT8q9vJ0rfkJOCtNnp4KpCCkGM/0GP0ad9iiI3A0k88qQVlbN8irBFmkJ0UIzftuE5OURKeWc5DI7QNg9dE8jQyjX8PGyA9KT8TMYbaXsfzkPBvf/yrnh18JLOilSz3TOcp4fxO4hy7ED1kU/CBcO8Im+EbUkDA61MCN5uOtSwQzJxd2PVswAV1zdW10pCcVHeHWMGNPS97QHSbli
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:DB5PR04MB1301;
x-microsoft-antispam-prvs: <DB5PR04MB13011FA8C6521ECCBB580A3EEE3A0@DB5PR04MB1301.eurprd04.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:;
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0;
 RULEID:(601004)(2401047)(8121501046)(5005006)(10201501046)(3002001)(6055026);
 SRVR:DB5PR04MB1301; BCL:0; PCL:0; RULEID:; SRVR:DB5PR04MB1301; 
x-forefront-prvs: 0995196AA2
x-forefront-antispam-report: SFV:NSPM;
 SFS:(10009020)(6009001)(7916002)(199003)(189002)(68736007)(87936001)(9686002)(2900100001)(6116002)(102836003)(3280700002)(3660700001)(92566002)(66066001)(3846002)(5002640100001)(5640700001)(107886002)(110136002)(189998001)(2906002)(33656002)(77096005)(586003)(97736004)(122556002)(450100001)(86362001)(50986999)(54356999)(106356001)(74316002)(8676002)(105586002)(106116001)(76576001)(5003600100003)(7696003)(7736002)(101416001)(305945005)(7846002)(2501003)(2351001)(1730700003)(10400500002)(8936002)(229853001)(81156014)(81166006);
 DIR:OUT; SFP:1101; SCL:1; SRVR:DB5PR04MB1301;
 H:DB5PR04MB1302.eurprd04.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords;
 A:1; MX:1; LANG:en; 
received-spf: None (protection.outlook.com: nxp.com does not designate
 permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: nxp.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Jul 2016 09:23:21.0481 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 686ea1d3-bc2b-4c6f-a92c-d99c5c301635
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB5PR04MB1301
Subject: [dpdk-dev] [app/test/test_cryptodev.c] setup_test_string() - buffer
 overflow, segfault
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: patches and discussions about DPDK <dev.dpdk.org>
List-Unsubscribe: <http://dpdk.org/ml/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://dpdk.org/ml/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <http://dpdk.org/ml/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Jul 2016 09:23:22 -0000

Hi,

I was trying to run cryptodev_aesni_mb_autotest with the "test" app.
I ran into an overflow which I think I=A0debugged.
The initial symptom was at=A0rte_mempool_lookup() called=A0from=A0rte_crypt=
odev_sym_session_pool_create(),
strncmp() went on a segfault, because "te"' 's members were NULL.
I set a watchpoint with gdb for that specific "te" memory location and it a=
ppears that it gets overwritten at memset() in=A0setup_test_string().
If in setup_test_string() I add this code:
	struct rte_mbuf *m =3D rte_pktmbuf_alloc(mpool);
	int buf_len =3D rte_pktmbuf_data_room_size(mpool);
	size_t t_len =3D len - (blocksize ? (len % blocksize) : 0);


	printf("[SETUP STRING] m->buf_len =3D %d mpool->elt_size =3D %d room_size =
=3D %d\n ",
		(int) m->buf_len, (int) mpool->elt_size, buf_len);
	memset(m->buf_addr, 0, m->buf_len);
I get this output:
	[SETUP STRING] m->buf_len =3D 2816 mpool->elt_size =3D 2496 room_size =3D =
2368

I am not very sure what should be used in that memset() (I do not know the =
API that well), but buf_len seems bigger then an element size from that mem=
ory pool.

If I change that memset() to plain buf_len, the tests run completely.

Cata=