From: Bruce Richardson <bruce.richardson@intel.com>
To: David Marchand <david.marchand@redhat.com>
Cc: <dev@dpdk.org>, <stable@dpdk.org>,
Tyler Retzlaff <roretzla@linux.microsoft.com>,
Maxime Coquelin <maxime.coquelin@redhat.com>,
Timothy Redaelli <tredaelli@redhat.com>
Subject: Re: [PATCH 04/10] eal: fix plugin dir walk
Date: Fri, 20 Jun 2025 10:19:20 +0100 [thread overview]
Message-ID: <aFUnmJ8NMj5S49kq@bricha3-mobl1.ger.corp.intel.com> (raw)
In-Reply-To: <20250619071037.37325-5-david.marchand@redhat.com>
On Thu, Jun 19, 2025 at 09:10:30AM +0200, David Marchand wrote:
> For '.' and '..' directories (or any short file name),
> a out of bound issue occurs.
>
> Caught by UBSan:
>
> EAL: Detected shared linkage of DPDK
> ../lib/eal/common/eal_common_options.c:420:15: runtime error: index -2
> out of bounds for type 'char[256]'
> #0 0x7f867eedf206 in eal_plugindir_init
> eal_common_options.c
> #1 0x7f867eede58a in eal_plugins_init
> (build/lib/librte_eal.so.25+0xde58a)
> (BuildId: e7e4a1935e4bacb51c82ab1a84098a27decf3b4c)
> #2 0x7f867efb8587 in rte_eal_init
> (build/lib/librte_eal.so.25+0x1b8587)
> (BuildId: e7e4a1935e4bacb51c82ab1a84098a27decf3b4c)
> #3 0x55b62360861e in main
> (/home/runner/work/dpdk/dpdk/build/app/dpdk-testpmd+0x9e061e)
> (BuildId: d821ec918612c83fad8b5ccb6cc518e66bee48cd)
> #4 0x7f8667429d8f in __libc_start_call_main
> csu/../sysdeps/nptl/libc_start_call_main.h:58:16
> #5 0x7f8667429e3f in __libc_start_main
> csu/../csu/libc-start.c:392:3
> #6 0x55b622d9d444 in _start
> (/home/runner/work/dpdk/dpdk/build/app/dpdk-testpmd+0x175444)
> (BuildId: d821ec918612c83fad8b5ccb6cc518e66bee48cd)
> SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior
> ../lib/eal/common/eal_common_options.c:420:15 in
> ../lib/eal/common/eal_common_options.c:421:15:
> runtime error: index 18446744073709551609 out of bounds
> for type 'char[256]'
>
> Fixes: c57f6e5c604a ("eal: fix plugin loading")
> Cc: stable@dpdk.org
>
> Signed-off-by: David Marchand <david.marchand@redhat.com>
> ---
Acked-by: Bruce Richardson <bruce.richardson@intel.com>
One thought inline below...
> lib/eal/common/eal_common_options.c | 15 +++++++++++----
> 1 file changed, 11 insertions(+), 4 deletions(-)
>
> diff --git a/lib/eal/common/eal_common_options.c b/lib/eal/common/eal_common_options.c
> index 83b6fc7e89..153f807e4f 100644
> --- a/lib/eal/common/eal_common_options.c
> +++ b/lib/eal/common/eal_common_options.c
> @@ -399,6 +399,14 @@ eal_plugins_init(void)
> }
> #else
>
> +static bool
> +ends_with(const char *str, size_t str_len, const char *tail)
> +{
> + size_t tail_len = strlen(tail);
> +
> + return str_len >= tail_len && strncmp(&str[str_len - tail_len], tail, tail_len) == 0;
> +}
> +
I wonder if that function is worth renaming to "rte_str_ends_with" and
putting in rte_string_fns.h?
> static int
> eal_plugindir_init(const char *path)
> {
> @@ -417,13 +425,12 @@ eal_plugindir_init(const char *path)
> }
>
> while ((dent = readdir(d)) != NULL) {
> + size_t nlen = strnlen(dent->d_name, sizeof(dent->d_name));
> struct stat sb;
> - int nlen = strnlen(dent->d_name, sizeof(dent->d_name));
>
> /* check if name ends in .so or .so.ABI_VERSION */
> - if (strcmp(&dent->d_name[nlen - 3], ".so") != 0 &&
> - strcmp(&dent->d_name[nlen - 4 - strlen(ABI_VERSION)],
> - ".so."ABI_VERSION) != 0)
> + if (!ends_with(dent->d_name, nlen, ".so") &&
> + !ends_with(dent->d_name, nlen, ".so."ABI_VERSION))
> continue;
>
> snprintf(sopath, sizeof(sopath), "%s/%s", path, dent->d_name);
> --
> 2.49.0
>
next prev parent reply other threads:[~2025-06-20 9:19 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-06-19 7:10 [PATCH 00/10] Run with UBSan in GHA David Marchand
2025-06-19 7:10 ` [PATCH 01/10] ci: save ccache on failure David Marchand
2025-06-19 7:10 ` [PATCH 02/10] test/telemetry: fix test calling all commands David Marchand
2025-06-20 9:16 ` Bruce Richardson
2025-06-19 7:10 ` [PATCH 03/10] test/mempool: fix test without stack driver David Marchand
2025-06-20 8:54 ` Andrew Rybchenko
2025-06-19 7:10 ` [PATCH 04/10] eal: fix plugin dir walk David Marchand
2025-06-20 9:19 ` Bruce Richardson [this message]
2025-06-19 7:10 ` [PATCH 05/10] cmdline: fix port list parsing David Marchand
2025-06-20 9:58 ` Bruce Richardson
2025-06-19 7:10 ` [PATCH 06/10] cmdline: fix highest bit " David Marchand
2025-06-20 9:21 ` Bruce Richardson
2025-06-19 7:10 ` [PATCH 07/10] tailq: fix cast macro for null pointer David Marchand
2025-06-20 9:23 ` Bruce Richardson
2025-06-19 7:10 ` [PATCH 08/10] hash: fix unaligned access in predictable RSS David Marchand
2025-06-19 7:10 ` [PATCH 09/10] stack: fix unaligned accesses on 128-bit David Marchand
2025-06-19 7:10 ` [PATCH 10/10] build: support Undefined Behavior Sanitizer David Marchand
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aFUnmJ8NMj5S49kq@bricha3-mobl1.ger.corp.intel.com \
--to=bruce.richardson@intel.com \
--cc=david.marchand@redhat.com \
--cc=dev@dpdk.org \
--cc=maxime.coquelin@redhat.com \
--cc=roretzla@linux.microsoft.com \
--cc=stable@dpdk.org \
--cc=tredaelli@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).