DPDK patches and discussions
* [dpdk-dev] [Bug 603] The variable drivers/regex/octeontx2/otx2_regexdev.c:pci_id_ree_table is not initialized, which will cause the global variable to overflow, which is a security risk.
From: bugzilla @ 2020-12-17  8:27 UTC
  To: dev

https://bugs.dpdk.org/show_bug.cgi?id=603

            Bug ID: 603
           Summary: The variable
                    drivers/regex/octeontx2/otx2_regexdev.c:pci_id_ree_table
                    is not initialized, which will cause the global
                    variable to overflow, which is a security risk.
           Product: DPDK
           Version: 20.08
          Hardware: x86
                OS: Linux
            Status: UNCONFIRMED
          Severity: normal
          Priority: Normal
         Component: ethdev
          Assignee: dev@dpdk.org
          Reporter: zhihongx.peng@intel.com
  Target Milestone: ---

pci_id_ree_table needs to be initialized as:

static struct rte_pci_id pci_id_ree_table[] = {
	{ RTE_PCI_DEVICE(PCI_VENDOR_ID_CAVIUM, PCI_DEVID_OCTEONTX2_RVU_REE_PF) },
	{ .vendor_id = 0, /* sentinel */ },
};

Test steps:
1. Compile with the option -Db_sanitize=address added:
CC=gcc meson --werror -Denable_kmods=True -Dlibdir=lib -Dbuildtype=debug -Db_sanitize=address --default-library=static x86_64-native-linuxapp-gcc

ninja -C x86_64-native-linuxapp-gcc -j 55

2. Start dpdk-testpmd:
./x86_64-native-linuxapp-gcc/app/dpdk-testpmd -c 0x6 -n 4 -- -i

3. A global-buffer-overflow is reported:
==42285==ERROR: AddressSanitizer: global-buffer-overflow on address 0x5585c5a18e70 at pc 0x5585c05b0c2d bp 0x7fff3eafa280 sp 0x7fff3eafa270
READ of size 2 at 0x5585c5a18e70 thread T0
#0 0x5585c05b0c2c in rte_pci_match ../drivers/bus/pci/pci_common.c:132
#1 0x5585c05b0c8c in rte_pci_probe_one_driver ../drivers/bus/pci/pci_common.c:177
#2 0x5585c05b19c0 in pci_probe_all_drivers ../drivers/bus/pci/pci_common.c:318
#3 0x5585c05b1a67 in pci_probe ../drivers/bus/pci/pci_common.c:345

-- 
You are receiving this mail because:
You are the assignee for the bug.
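
The failure mode in the report above, as an added example that is not part of the original message or of DPDK: a bounded model of a sentinel-terminated ID table scan, showing where a scan of a table without the terminating entry runs off the end of the global. It assumes the table is walked until an entry with vendor_id 0, as the sentinel in the proposed initializer implies; struct pci_id, match_bounded and all ID values are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified stand-in for struct rte_pci_id (hypothetical, not the DPDK type). */
struct pci_id {
    uint16_t vendor_id;
    uint16_t device_id;
};

#define TABLE_LEN(t) (sizeof(t) / sizeof((t)[0]))

/* Constructed IDs, not real hardware values. */
static const struct pci_id table_no_sentinel[] = {
    { 0x1234, 0x5678 },
};
static const struct pci_id table_with_sentinel[] = {
    { 0x1234, 0x5678 },
    { .vendor_id = 0 }, /* sentinel */
};

/*
 * Bounded version of a sentinel-terminated scan.
 * Returns 1 on match, 0 if the sentinel is reached without a match,
 * -1 if the end of the array is reached with no sentinel: the point
 * where an unbounded scan would read past the global.
 */
static int match_bounded(const struct pci_id *t, size_t n,
                         uint16_t vendor, uint16_t device)
{
    for (size_t i = 0; i < n; i++) {
        if (t[i].vendor_id == 0)
            return 0;
        if (t[i].vendor_id == vendor && t[i].device_id == device)
            return 1;
    }
    return -1;
}

int main(void)
{
    /* A device that is in neither table forces a full scan. */
    printf("no sentinel:   %d\n", match_bounded(table_no_sentinel,
           TABLE_LEN(table_no_sentinel), 0xabcd, 0xef01));
    printf("with sentinel: %d\n", match_bounded(table_with_sentinel,
           TABLE_LEN(table_with_sentinel), 0xabcd, 0xef01));
    return 0;
}
```

A result of -1 marks a table that an unbounded scan would over-read for any non-matching device; a check like this can run in a driver unit test over each ID table.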
