From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 84E2443AA8; Fri, 9 Feb 2024 16:07:34 +0100 (CET) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id AD7E842E98; Fri, 9 Feb 2024 16:07:33 +0100 (CET) Received: from NAM11-DM6-obe.outbound.protection.outlook.com (mail-dm6nam11on2057.outbound.protection.outlook.com [40.107.223.57]) by mails.dpdk.org (Postfix) with ESMTP id BDB8740697; Fri, 9 Feb 2024 16:07:31 +0100 (CET) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=cWxUP/hbjjkIiH5DkUgheHs+q8m+7C6aWJua3AgQ9IAtFjnrLpElWRWeGjMzltHfS7cde5uRKL2Ctu4aN/Z9+JPLYW4WT7Z5FIvXAdFrSO8SO21eJHCm/TNL0CFegjHpxz7P8gcz9XowbacLpjAAKlumhXcDMs7jgq4qm3lYye+mkE1uBsFs8SHZ5JLP/VKkYLd/ziON0J8HRR1SKCfyt4giwW7VcQ3vYss58a+bqzj+Jk2Wmopfb3Yiq8MVmBCpNKGSfbYPGzwID5v1ePxJwoaQ8bl19Xf5Zxzcv4FCJFoSUP2BKoe3E62YTXkxg2inMfF+glssP0ZciJlsw0V5dg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=3iemTY8T+7WffcS2sUyZzQMKwgtH8DvTvyed2jqkTzY=; b=Laep6T73OI7tLOesQ7o4Z8ADUc9duUIXnM9YAKkd8LFTgXSrxLFh36oQlnqHQt43SE70hDce2x9dI6Sde7gFmKBCFDkLez4HiPjPRXqQ1xTPH9oUjrI0s/mM6Wcxdpg4E8uLUBdEJfgcDVPLa6rDs6QmhEY5Hh9p0VDyrHUcRRFPLAkq1acwqu/kb8QYcCp/NQYUHu30zwWGra/S8zFXOHteV04iamA9/Ft/PS3WbZWj5+glPGelBxJ8clKt/uo+AFnb9bzXZNQb/BlENVLVlDSb9UY5Y6PO2S0uizkHJlq6UtmASViUPyztsu6kL+Ur4M3ps5WhrpA/fubDBmYE0Q== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=3iemTY8T+7WffcS2sUyZzQMKwgtH8DvTvyed2jqkTzY=; b=KthxyFHx+ynaadteMdNr3ayYMhBU95C0sX2n9QDjN0n5QlOFtgNMgsi9wVocxjiDpG9jZ4rF3yWp3YZZ6NRgxOAUnhR+EGxUmslIyRurgGkiO3Ag6eHNqwFgsQhFdn3Rgivw/d68kUxG64K/C/L29fvHVOpKJXW2L4/SkLst8xU= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=amd.com; Received: from CH2PR12MB4294.namprd12.prod.outlook.com (2603:10b6:610:a9::11) by PH7PR12MB6907.namprd12.prod.outlook.com (2603:10b6:510:1b9::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7202.34; Fri, 9 Feb 2024 15:07:29 +0000 Received: from CH2PR12MB4294.namprd12.prod.outlook.com ([fe80::815a:45e6:cf5e:479f]) by CH2PR12MB4294.namprd12.prod.outlook.com ([fe80::815a:45e6:cf5e:479f%4]) with mapi id 15.20.7292.009; Fri, 9 Feb 2024 15:07:29 +0000 Message-ID: Date: Fri, 9 Feb 2024 15:07:24 +0000 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH] app/testpmd: add size validation to token parsers Content-Language: en-US From: Ferruh Yigit To: Gregory Etelson , dev@dpdk.org Cc: mkashani@nvidia.com, stable@dpdk.org, Ori Kam , Aman Singh , Yuying Zhang , Olga Shern , Adrien Mazarguil References: <20231111071347.71824-1-getelson@nvidia.com> <3f88502b-2434-4ed2-a3bb-8fde626d44f4@amd.com> Autocrypt: addr=ferruh.yigit@amd.com; keydata= xsFNBGJDD3EBEAC/M7Tk/DfQSmP1K96vyzdhfSBzlCaGtcxNXorq4fALruqVsD3oi0yfyEz9 4YN8x7py0o9EL8ZdpOX0skc0AMCDAaw033uWhCn0GLMeGRKUbfOAPvL6ecSDvGD7CJIO9j0J eZUvasBgPdM/435PEr9DmC6Ggzdzt8IuG4PoLi5jpFSfcqxZFCCxLUDEo/w0nuguk2FTuYJg B2zEZ4JTBZrw7hIHiFh8D8hr6YA6a5uTofq1tr+l048lbtdFUl8TR0aIExVzE4Z8qKZlcE+9 RQaewjK5Al1jLE4sHdmd3GN+IvgDF3D/fLsi25SKJDeGSdeHkOmaX0qGeM4WKIfU6iARRCiQ N3AmBIxZ/A7UXBKLaOyZ+/i3sE6Wb53nrO4i8+0K2Qwyh6LjTeiJAIjYKN43ppxz3DaI+QwQ vI+uyHr4Gg0Da9EPPz/YyKauSeOZCfCB5gIfICO0j6x0SCl8uQ2nLpjxcZkf0gjcwUzP3h+S 3x6NfDji9YEij0zczW/dcSpGgZ6vsFpPrtnP9ZXy6J53yp0kJtOJoOlkEFFdU2yCZnCDseum CoudmGLZVvS0/DzHDJejq+3kK3FDGktZBOxZIIpal+nFqS7lVgOZc4+huVv3jyhzoAUOEyXA XK5j6o7g8STUY+z33QNnHpdLvecMwuzmvqy0jR54yAbZ64mB9QARAQABzSNGZXJydWggWWln aXQgPGZlcnJ1aC55aWdpdEBhbWQuY29tPsLBlwQTAQgAQQIbAwULCQgHAgYVCgkICwIEFgID AQIeAQIXgAIZARYhBEm7aYjps5XGsPHCElRTPtCKKm/6BQJkdyEEBQkE3meNAAoJEFRTPtCK Km/6UdcP/0/kEp49aIUhkRnQfmKmNVpcBEs4NqceNCWTQlaXdEwL1lxf1L49dsF5Jz1yvWi3 tMtq0Mk1o68mQ7q8iZAzIeLxGQAlievMNE0BzLWPFmuX+ac98ITBqKdnUAn6ig5ezR+jxrAU 58utUszDl16eMabtCu76sINL5izB8zCWcDEUB4UqM8iBSQZ7/a7TSBVS0jVBldAORg1qfFIs cGMPQn/skhy3QqbK3u3Rhc44zRxvzrQJmhY6T1rpeniHSyGOeIYqjpbpnMU5n1VWzQ4NXvAD VDkZ4NDw6CpvF4S2h2Ds7w7GKvT6RRTddrl672IaLcaWRiqBNCPm+eKh4q5/XkOXTgUqYBVg Ors8uS9EbQC/SAcp9VHF9fB+3nadxZm4CLPe5ZDJnSmgu/ea7xjWQYR8ouo2THxqNZtkercc GOxGFxIaLcJIR/XChh9d0LKgc1FfVARTMW8UrPgINVEmVSFmAVSgVfsWIV+NSpG9/e90E4SV gMLPABn1YpJ8ca/IwqovctqDDXfxZOvCPOVWTzQe/ut767W+ctGR1kRkxWcz470SycOcY+PW VRPJd91Af0GdLFkwzZgNzkd6Gyc9XXcv4lwwqBLhWrBhqPYB0aZXIG1E/cVTiRp4dWpFHAFD DcuLldjIw93lCDsIeEDM9rBizGVMWEoeFmqSe7pzGTPXzsFNBGJDD3EBEAC8fBFQHej8qgIG CBzoIEd1cZgPIARlIhRudODXoNDbwA+zJMKtOVwol3Hh1qJ2/yZP11nZsqrP4fyUvMxrwhDe WBWFVDbWHLnqXMnKuUU1vQMujbzgq/4Rb9wSMW5vBL6YxhZng+h71JgS/9nVtzyaTtsOTrJi 6nzFSDx6Wbza2jYvL9rlK0yxJcMEiKwZQ/if4KcOesD0rtxomU/iSEv6DATcJbGXP6T93nPl 90XksijRKAmOwvdu3A8IIlxiSSVRP0lxiHOeR35y6PjHY2usfEDZZOVOfDfhlCVAIBZUZALv VmFOVSTYXeKgYa6Ooaf72+cHM3SgJIbYnevJfFv8YQW0MEAJ/IXE7B1Lk+pHNxwU3VBCrKnA fd/PTvviesuYRkrRD6qqZnINeu3b2DouVGGt2fVcGA38BujCd3p8i7azoGc7A6cgF7z9ETnr ANrbg1/dJyDmkDxOxVrVquTBbxJbDy2HaIe9wyJTEK2Sznpy62DaHVY+gfDQzexBXM10geHC IIUhEnOUYVaq65X3ZDjyAQnNDBQ4uMqSHZk8DpJ22X+T+IMzWzWl+VyU4UZXjkLKPvlqPjJk 1RbKScek5L2GhxHQbPaD76Hx4Jiel0vm2G+4wei8Ay1+0YRFkhySxogU/uQVXHTv63KzQMak oIfnN/V2R0ucarsvMBW+gwARAQABwsF8BBgBCAAmAhsMFiEESbtpiOmzlcaw8cISVFM+0Ioq b/oFAmR3IPsFCQTeZ44ACgkQVFM+0Ioqb/qINhAAtcor9bevHy22HvJvXX17IOpPSklZJAeQ Az43ZEo5kRlJ8mElc2g3RzYCvL/V3fSiIATxIsLq/MDtYhO8AAvklxND/u2zeBd7BkRZTZZX W1V1cM3oTvfx3LOhDu4f2ExQzCGdkzbXTRswSJIe1W0qwsDp+YPekbrsKp1maZArGeu+6FuW honeosIrWS98QJmscEhP8ooyJkLDCCOgEk+mJ/JBjzcJGuYn6+Iy/ApMw/vqiLGL1UWekcTA g18mREHqIR+A3ZvypIufSFB52oIs1zD/uh/MgmL62bY/Cw6M2SxiVxLRsav9TNkF6ZaNQCgn GqifliCEMvEuLZRBOZSYH2A/PfwjYW0Ss0Gyfywmb2IA990gcQsXxuCLG7pAbWaeYazoYYEQ NYmWatZNMAs68ERI2zvrVxdJ/fBWAllIEd0uQ4P05GtAHPdTIDQYp545+TPV7oyF0LfXcsQs SFVZE6igdvkjfYmh+QOrHGZvpWXLTmffVf/AQ81wspzbfxJ7sYM4P8Mg5kKOsaoUdyA/2qVe cMh1CLUHXF1GlofpGbe1lj4KUJVse5g3qwV7i9VrseA8c4VIZewdIjkzAhmmbxl+8rM/LKBH dZUMTzME5PFCXJIZ83qkZQ795MTe2YScp9dIV7fsS5tpDwIs7BZNVM1l3NAdK+DLHqNxKuyO 8Zk= In-Reply-To: <3f88502b-2434-4ed2-a3bb-8fde626d44f4@amd.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-ClientProxiedBy: LO4P123CA0479.GBRP123.PROD.OUTLOOK.COM (2603:10a6:600:1a8::16) To CH2PR12MB4294.namprd12.prod.outlook.com (2603:10b6:610:a9::11) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CH2PR12MB4294:EE_|PH7PR12MB6907:EE_ X-MS-Office365-Filtering-Correlation-Id: d2c28935-eeb0-43e9-47fc-08dc2980d551 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 6fCeDynY7i6JdNTE+pZDXX5BEAtst/E+lJA+TU9lnARULfxZ5JTZnBDsX0jWskvrGh08rn81vve/gZbI8opHDq3fUyxR+dyEjcoL5DQtVmu3G1mA4qsTfphcXG5Lext3b2ie8o4UNnqKhMAAsvSF2SBlJ3YEHoju/cbsl2Gr1Rrk8q8j3b47nLn4oNZ0bu+LMBtOrLzCBqRydWezF2i4CJ3oxDpCRD6PxBSBY5ZFLJ4sk1w+UPsx5Yfx2dS/ZZTxdYLfeUODXguWNO8LXlkwj+JlUoHSEq65iza6MgaXa0uoQVQUN3zZMsKblHCBxmY1WQ4D02aJZ4aLNcq1Pc1frfe//DrDNJKSjv4dbJm5ZfZfs0wvETtR6sM2XgmlnE6z0EVAqgnEuEksx8tGkTGIzWZyTdDmFgqJZciPUUkjKiSrgbARItfrD/HyxLWLgZP41oTqIhPVV8JgryDfmvFAFmf+PcvErYI0avu68W7ZiLI5aW4U+Cs88ztxrw+wJpmmZlJRx6W1z5TUglq4BN51Me4Tq2yecbg0hzjoHkmaMVA= X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CH2PR12MB4294.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230031)(396003)(136003)(346002)(39860400002)(366004)(376002)(230922051799003)(451199024)(64100799003)(1800799012)(186009)(31686004)(478600001)(966005)(31696002)(83380400001)(6486002)(66476007)(53546011)(6512007)(36756003)(41300700001)(86362001)(26005)(2616005)(4326008)(66946007)(5660300002)(8936002)(54906003)(6666004)(44832011)(8676002)(2906002)(38100700002)(66556008)(316002)(6506007); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?NzRvbWpvNE9BOWYySXNwMnFQZGw4ektxdzVUZlJaK2VFQlJjSVdlR1ljZ0JT?= =?utf-8?B?RFcvaXVvUzZlUnA5U1N3azJrNDNlUHdyMG1XZG9XRjQrY0FGa2FoSGhqU2Ro?= =?utf-8?B?NFhlVjFudU90VUlrUzYrVVFvemRTNXZqUUhOb2hjZnV1cXd4OFBOR3pkT2sx?= =?utf-8?B?RlluVmpYOXdWdE4yMXpnV01nYTZ2aFBDNE5HZlo4T2Y5eTBwbDhodFlzOG1V?= =?utf-8?B?MHpOWnJFQVB4NC9jWDFnSlhwREE4VnBTbGJPMzcvSWxPeEQxME9hT3YrelV5?= =?utf-8?B?N2FuTGZWajBpWG5zOHFzemtyUTJqWGk3dEhTaWVNY21KK0NLUHRLN2E3bkg2?= =?utf-8?B?eSthNGVRZUYyNHpnSzM1ZDUwUEt5a0xHZk9DZjR5QWF1VGhxYzh2M29meWNk?= =?utf-8?B?YjhKeHN3eGV5Z0FRU1VoVWRQZjI2UElnL0R1R0ZaSmsrUzhzYWluT2pwV1dl?= =?utf-8?B?ckFpbmQ4NHN1RFlqbVFBbHBaWDduM0ltWmVoeUVoWjVGNEd4dlBZTmticE9H?= =?utf-8?B?WlM5YjlUei9VZlBCQXdFYktRYkVhYUMzckU0elduK0ZUOVJEbEhHUis5SGJI?= =?utf-8?B?dWhyc0lzV3dHeHoxb3hTYUMyVEZSazEzeW1rL3lsR1JtQ0s2RlJ6SXRXcE0x?= =?utf-8?B?RlVHWndNNFBENG9rWVkwengzZTR3bXNrQWRBVlc0YVB5WlNvVFFUdzBGU0xa?= =?utf-8?B?N0ZGaHJBUXdBcmwxbDZlSXVnSWFJdFB3T2ZYU1Jyd3BLdE1FV09CaWlXTllF?= =?utf-8?B?ZXp1YVI2QktPOHF3b1duVU43RDBnaU9MZHlkdDZYamRtYzRUVXlJT1R1Ym1C?= =?utf-8?B?a3ZiNXlpUFdlMGNwaEltZm9mamthanBONjVmZ3VLQ1hsQUE2cDl1cDRzc2Vm?= =?utf-8?B?NlVpbHJxTytGNDFiWm1OcFJ6cUlzRG5HQ0k4eU1VRG5HQTZPeGVOZGNhK00y?= =?utf-8?B?ZUJpYm1kYjF0YUVIYlRhYlhza014WkgySjR3ZnV5c2JTRy9OYWd4RjlUQlhW?= =?utf-8?B?N2hpVkdsNE9acGgrVGExOVZ2Umtnc3RZMU9nYmVvNzkyMllVekxDd2ViU3FI?= =?utf-8?B?NlAxdDRvdUNkbFB5Rkl1K0hiWlQ1OEQvQUt4L28yNkk5a0U2Rlh0WGMzOHRR?= =?utf-8?B?bFpFcGo0NU13dDVPR2ZVZHorOFdOWVZrN0lUSE80ektwMHViSW9UWVM0dVFO?= =?utf-8?B?dU82dkdxcFk2M2I3RW1FNzBBY21SQkJ5TnJ2KzFldWcyVzRudmk3WWNCenND?= =?utf-8?B?bWdtM2JZb0FDVkxkTGE4dVc5dnQ4TkRNcVJxYkM5VGVGRGpIWjlNWDMwUGZQ?= =?utf-8?B?RWhvWGdhUmdINFVpdnBRZmlxQUsrUGxtOUVPUldSMTBtdktYN2ZYeHZBUWlP?= =?utf-8?B?ejFTRTk5Yk9iMk9Od0h6SDBpaWJHTk04ZUEvOW14ajkrSUVsUjVrMTE0S0xZ?= =?utf-8?B?cGdwTlU3M3BCRFBNL0dBNlh5Nlk4VFR5SXpxTnRxVURLREN3aVZzYVpDRDdW?= =?utf-8?B?U29qUEg1dmZEcnpJb1ZoV2YvcVFvK0ZnWnA0bHJOcFg2ZldXOXJVbDJQWkxK?= =?utf-8?B?TjRteHRxODBpQlFDTlV5NkV3c2dNR0hqK0pEZmUzYjVTNW9PRUNIZXFzVXJE?= =?utf-8?B?WHFGb2VJYlhNbTFTQkQvLzBFY1k4bUlMU3cyckY5NkpuNG4wZWQwS0JSWEUv?= =?utf-8?B?eWtmRXB5V3ZYaGp3NlBNSzZ0RndHeEtUOFQ4TlhURFh5QzU0Tit0Z0JnYURF?= =?utf-8?B?anQvalYwbHpRMXNTL1R3RUlwdVZFbm1JaVRtNmpIZXp0T1NINjdpVHN0SFBu?= =?utf-8?B?c1RrMS9GdmFEK21XMnRWWHJaaDVUck1KWSsvemM2SE5BVHBwdm1RWU9teGVw?= =?utf-8?B?dlNka3N5Vk81MnhDRDFybHdqMHRaeHhnKzlqaUJlemtsdEtzKy82MFZCeUla?= =?utf-8?B?ajZ0SHpHNitmRGppQTJ0ZEVYUXdpa2w5SHNLNHk4dFZzcitmVnVVS0luOUVD?= =?utf-8?B?T2pTdDVFOFVzKzV0MzR2c01mWGdkMHR3VU1BM2daMzJiY3RxR3Z2SlJVSzdZ?= =?utf-8?B?NHBkanpTaDAvWTh2VWU1MlcxQ3hiMWVreXllWk0zdUcydWp2OThUOENmTVlj?= =?utf-8?Q?jE/dhlcOCwGDM7rbr5Ozc5Uja?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: d2c28935-eeb0-43e9-47fc-08dc2980d551 X-MS-Exchange-CrossTenant-AuthSource: CH2PR12MB4294.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 09 Feb 2024 15:07:29.3116 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: A6zTtuh0bPWRmJ182Ve2G5/weUJ/SzN9bzMsdf4IZIDJK2VGPQ+lsSWHMGhrGFEw X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH7PR12MB6907 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org On 2/8/2024 2:45 PM, Ferruh Yigit wrote: > On 11/11/2023 7:13 AM, Gregory Etelson wrote: >> parse_prefix(), parse_int(), parse_mac_addr(), >> parse_ipv4_addr() and parse_ipv6_addr() unconditionally overwrite >> the `size` parameter with token size. >> The `size` parameter references a buffer where the parser functions >> will store their result. >> >> If the `size` value was less than token size, parser will corrupt >> memory outsite of target buffer. >> >> The patch adds sizes validation. >> >> Fixes: d3f61b7bad20 ("app/testpmd: add flow item spec prefix length") >> Fixes: 8a03ab58cc0a ("app/testpmd: support flow integer") >> Fixes: 6df81b325fa4 ("app/testpmd: add items eth/vlan to flow command") >> Fixes: ef6e38550f07 ("app/testpmd: add items ipv4/ipv6 to flow command") >> Cc: stable@dpdk.org >> >> Signed-off-by: Gregory Etelson >> > > Acked-by: Ferruh Yigit > > Applied to dpdk-next-net/main, thanks. > Dropped from tree, because of issue reported in following thread: https://inbox.dpdk.org/dev/4dfd536b-4f57-4d56-b864-a7c42c0fd746@amd.com/T/#m051054336b924b82aa34e2fb06ab7dd6fbb69ea5 Updated patchwork as rejected.