From: Pavan Nikhilesh Bhagavatula
To: "Min Hu (Connor)", "dev@dpdk.org"
CC: "ferruh.yigit@intel.com", Jerin Jacob Kollanukkaran, "thomas@monjalon.net"
Date: Fri, 23 Apr 2021 09:08:30 +0000
In-Reply-To: <1619163488-63913-1-git-send-email-humin29@huawei.com>
Subject: Re: [dpdk-dev] [EXT] [PATCH] app/testeventdev: fix buffer overflow
List-Id: DPDK patches and discussions

>Tainted and unvalidated integer 'idx' used as an index, which may
>lead to buffer overflow.
>
>This patch fixed it.
>
>Fixes: 89e5eb118017 ("app/testeventdev: add string parsing helpers")
>Cc: stable@dpdk.org
>
>Signed-off-by: Min Hu (Connor)

Acked-by: Pavan Nikhilesh

>--- > app/test-eventdev/evt_options.c | 4 ++-- > app/test-eventdev/parser.c | 6 ++++-- > app/test-eventdev/parser.h | 2 +- > 3 files changed, 7 insertions(+), 5 deletions(-) > >diff --git a/app/test-eventdev/evt_options.c b/app/test- >eventdev/evt_options.c >index 0d55405..061b63e 100644 >--- a/app/test-eventdev/evt_options.c >+++ b/app/test-eventdev/evt_options.c >@@ -221,7 +221,7 @@ evt_parse_plcores(struct evt_options *opt, >const char *corelist) > { > int ret; > >- ret =3D parse_lcores_list(opt->plcores, corelist); >+ ret =3D parse_lcores_list(opt->plcores, RTE_MAX_LCORE, >corelist); > if (ret =3D=3D -E2BIG) > evt_err("duplicate lcores in plcores"); 
> >@@ -233,7 +233,7 @@ evt_parse_work_lcores(struct evt_options >*opt, const char *corelist) > { > int ret; > >- ret =3D parse_lcores_list(opt->wlcores, corelist); >+ ret =3D parse_lcores_list(opt->wlcores, RTE_MAX_LCORE, >corelist); > if (ret =3D=3D -E2BIG) > evt_err("duplicate lcores in wlcores"); > >diff --git a/app/test-eventdev/parser.c b/app/test-eventdev/parser.c >index 24f1855..7a973cb 100644 >--- a/app/test-eventdev/parser.c >+++ b/app/test-eventdev/parser.c >@@ -310,7 +310,7 @@ parse_hex_string(char *src, uint8_t *dst, >uint32_t *size) > } > > int >-parse_lcores_list(bool lcores[], const char *corelist) >+parse_lcores_list(bool lcores[], int lcores_num, const char *corelist) > { > int i, idx =3D 0; > int min, max; >@@ -332,6 +332,8 @@ parse_lcores_list(bool lcores[], const char >*corelist) > if (*corelist =3D=3D '\0') > return -1; > idx =3D strtoul(corelist, &end, 10); >+ if (idx < 0 || idx > lcores_num) >+ return -1; > > if (end =3D=3D NULL) > return -1; >@@ -343,7 +345,7 @@ parse_lcores_list(bool lcores[], const char >*corelist) > max =3D idx; > if (min =3D=3D RTE_MAX_LCORE) > min =3D idx; >- for (idx =3D min; idx <=3D max; idx++) { >+ for (idx =3D min; idx < max; idx++) { > if (lcores[idx] =3D=3D 1) > return -E2BIG; > lcores[idx] =3D 1; >diff --git a/app/test-eventdev/parser.h b/app/test-eventdev/parser.h >index 673ff22..696b40a 100644 >--- a/app/test-eventdev/parser.h >+++ b/app/test-eventdev/parser.h >@@ -46,5 +46,5 @@ int parse_hex_string(char *src, uint8_t *dst, >uint32_t *size); > > int parse_tokenize_string(char *string, char *tokens[], uint32_t >*n_tokens); > >-int parse_lcores_list(bool lcores[], const char *corelist); >+int parse_lcores_list(bool lcores[], int lcores_num, const char >*corelist); > #endif >-- >2.7.4
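
Review bot: in both evt_options.c hunks (evt_parse_plcores and evt_parse_work_lcores) the visible error handling still reports only `ret == -E2BIG` as "duplicate lcores", so the out-of-range rejection this patch adds in parse_lcores_list() comes back as a bare -1 with no message telling the user that an lcore id exceeded the limit. Consider a distinct return code for the range failure and an evt_err() for it at these call sites. The bound is also passed as the constant RTE_MAX_LCORE rather than derived from the destination; if opt->plcores and opt->wlcores are fixed-size array members, RTE_DIM(opt->plcores) would keep the bound tied to the declaration.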
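
Review bot: the new check in the parser.c hunk at -332, `if (idx < 0 || idx > lcores_num)`, is off by one. An array of lcores_num entries has valid indices 0 to lcores_num - 1, so idx == lcores_num should be rejected; as written it passes, and only the loop change in the following hunk keeps it from being dereferenced. Use `idx >= lcores_num` so the check is correct on its own. The value is also the result of strtoul() assigned to an int, so it is narrowed before it is tested: parse into an unsigned long, check errno for ERANGE, and compare against lcores_num before assigning to idx, so the test applies to the parsed number rather than to whatever survives the conversion.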
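
Review bot: changing the loop in the parser.c hunk at -345 to `idx < max` alters what the parser accepts rather than just bounding it. The context lines set `max = idx` and, when no range start is pending, `min = idx`, so for a single lcore min equals max and the body never runs: no entry is set and no duplicate is detected. For a range, the last lcore is silently dropped. Keep `idx <= max` and reject idx >= lcores_num at the strtoul() check instead. Separately, the sentinel test remains `min == RTE_MAX_LCORE` while the bound is now lcores_num; the two agree for the callers in this patch, which pass RTE_MAX_LCORE, but would diverge for any other size.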
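
Review bot: the new prototype in the parser.h hunk takes `int lcores_num` with no accompanying comment. A count of array elements reads better as an unsigned type (unsigned int or size_t), which also removes the need to reason about negative sizes, and a short comment stating that lcores_num is the number of entries in lcores[] and what -1 and -E2BIG mean would help callers.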