* [dpdk-stable] [PATCH v1] examples/vm_power: fix strcpy buffer overrun
@ 2019-07-12 14:04 David Hunt
2019-07-12 14:14 ` [dpdk-stable] [dpdk-dev] " Burakov, Anatoly
` (2 more replies)
0 siblings, 3 replies; 9+ messages in thread
From: David Hunt @ 2019-07-12 14:04 UTC (permalink / raw)
To: dev; +Cc: david.hunt, stable
replace strcpy with rte_strlcpy to prevent buffer overrun
With fix, attempting to use a VERY lonng vm name results in a nicely
truncated 32 character name rather than a segfault:
Setting VM Name to [sdfdsfsfsdffdsdsasdsadasdakjshd]
Cc: stable@dpdk.org
Fixes: 59287933a0bb ("examples/vm_power: add options to guest app")
Signed-off-by: David Hunt <david.hunt@intel.com>
---
examples/vm_power_manager/guest_cli/main.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/examples/vm_power_manager/guest_cli/main.c b/examples/vm_power_manager/guest_cli/main.c
index 36365b124..a18eb214a 100644
--- a/examples/vm_power_manager/guest_cli/main.c
+++ b/examples/vm_power_manager/guest_cli/main.c
@@ -65,7 +65,7 @@ parse_args(int argc, char **argv)
switch (opt) {
/* portmask */
case 'n':
- strcpy(policy->vm_name, optarg);
+ rte_strlcpy(policy->vm_name, optarg, VM_MAX_NAME_SZ);
printf("Setting VM Name to [%s]\n", policy->vm_name);
break;
case 'b':
--
2.17.1
^ permalink raw reply [flat|nested] 9+ messages in thread* Re: [dpdk-stable] [dpdk-dev] [PATCH v1] examples/vm_power: fix strcpy buffer overrun 2019-07-12 14:04 [dpdk-stable] [PATCH v1] examples/vm_power: fix strcpy buffer overrun David Hunt @ 2019-07-12 14:14 ` Burakov, Anatoly 2019-07-12 14:47 ` Bruce Richardson 2019-07-16 8:24 ` [dpdk-stable] [PATCH v2] " David Hunt 2 siblings, 0 replies; 9+ messages in thread From: Burakov, Anatoly @ 2019-07-12 14:14 UTC (permalink / raw) To: David Hunt, dev; +Cc: stable On 12-Jul-19 3:04 PM, David Hunt wrote: > replace strcpy with rte_strlcpy to prevent buffer overrun > With fix, attempting to use a VERY lonng vm name results in a nicely > truncated 32 character name rather than a segfault: > Setting VM Name to [sdfdsfsfsdffdsdsasdsadasdakjshd] > > Cc: stable@dpdk.org > Fixes: 59287933a0bb ("examples/vm_power: add options to guest app") > Signed-off-by: David Hunt <david.hunt@intel.com> > --- Acked-by: Anatoly Burakov <anatoly.burakov@intel.com> -- Thanks, Anatoly ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [dpdk-stable] [dpdk-dev] [PATCH v1] examples/vm_power: fix strcpy buffer overrun 2019-07-12 14:04 [dpdk-stable] [PATCH v1] examples/vm_power: fix strcpy buffer overrun David Hunt 2019-07-12 14:14 ` [dpdk-stable] [dpdk-dev] " Burakov, Anatoly @ 2019-07-12 14:47 ` Bruce Richardson 2019-07-14 13:26 ` Thomas Monjalon 2019-07-16 8:24 ` [dpdk-stable] [PATCH v2] " David Hunt 2 siblings, 1 reply; 9+ messages in thread From: Bruce Richardson @ 2019-07-12 14:47 UTC (permalink / raw) To: David Hunt; +Cc: dev, stable On Fri, Jul 12, 2019 at 03:04:02PM +0100, David Hunt wrote: > replace strcpy with rte_strlcpy to prevent buffer overrun > With fix, attempting to use a VERY lonng vm name results in a nicely > truncated 32 character name rather than a segfault: > Setting VM Name to [sdfdsfsfsdffdsdsasdsadasdakjshd] > > Cc: stable@dpdk.org > Fixes: 59287933a0bb ("examples/vm_power: add options to guest app") > Signed-off-by: David Hunt <david.hunt@intel.com> > --- > examples/vm_power_manager/guest_cli/main.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/examples/vm_power_manager/guest_cli/main.c b/examples/vm_power_manager/guest_cli/main.c > index 36365b124..a18eb214a 100644 > --- a/examples/vm_power_manager/guest_cli/main.c > +++ b/examples/vm_power_manager/guest_cli/main.c > @@ -65,7 +65,7 @@ parse_args(int argc, char **argv) > switch (opt) { > /* portmask */ > case 'n': > - strcpy(policy->vm_name, optarg); > + rte_strlcpy(policy->vm_name, optarg, VM_MAX_NAME_SZ); > printf("Setting VM Name to [%s]\n", policy->vm_name); > break; > case 'b': > -- You can just use "strlcpy" without the "rte_" prefix. The rte_ version is just a fallback used when a standard strlcpy - either natively or from libbsd - is unavailable. ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [dpdk-stable] [dpdk-dev] [PATCH v1] examples/vm_power: fix strcpy buffer overrun 2019-07-12 14:47 ` Bruce Richardson @ 2019-07-14 13:26 ` Thomas Monjalon 0 siblings, 0 replies; 9+ messages in thread From: Thomas Monjalon @ 2019-07-14 13:26 UTC (permalink / raw) To: David Hunt; +Cc: stable, Bruce Richardson, dev 12/07/2019 16:47, Bruce Richardson: > On Fri, Jul 12, 2019 at 03:04:02PM +0100, David Hunt wrote: > > replace strcpy with rte_strlcpy to prevent buffer overrun > > With fix, attempting to use a VERY lonng vm name results in a nicely > > truncated 32 character name rather than a segfault: > > Setting VM Name to [sdfdsfsfsdffdsdsasdsadasdakjshd] > > > > Cc: stable@dpdk.org > > Fixes: 59287933a0bb ("examples/vm_power: add options to guest app") > > Signed-off-by: David Hunt <david.hunt@intel.com> It should be in this order: Fixes: 59287933a0bb ("examples/vm_power: add options to guest app") Cc: stable@dpdk.org Signed-off-by: David Hunt <david.hunt@intel.com> When in doubt about formatting, please check the git history. You will find that the recent title prefix in use was "examples/power". > > --- a/examples/vm_power_manager/guest_cli/main.c > > +++ b/examples/vm_power_manager/guest_cli/main.c > > - strcpy(policy->vm_name, optarg); > > + rte_strlcpy(policy->vm_name, optarg, VM_MAX_NAME_SZ); > > You can just use "strlcpy" without the "rte_" prefix. The rte_ version is > just a fallback used when a standard strlcpy - either natively or from > libbsd - is unavailable. Please replace the 2 other occurences of rte_strlcpy in this example (can be in the same patch with a small comment in the commit log). ^ permalink raw reply [flat|nested] 9+ messages in thread
* [dpdk-stable] [PATCH v2] examples/vm_power: fix strcpy buffer overrun 2019-07-12 14:04 [dpdk-stable] [PATCH v1] examples/vm_power: fix strcpy buffer overrun David Hunt 2019-07-12 14:14 ` [dpdk-stable] [dpdk-dev] " Burakov, Anatoly 2019-07-12 14:47 ` Bruce Richardson @ 2019-07-16 8:24 ` David Hunt 2019-07-16 11:05 ` [dpdk-stable] [dpdk-dev] " Thomas Monjalon 2019-07-16 11:19 ` [dpdk-stable] [PATCH v3] " David Hunt 2 siblings, 2 replies; 9+ messages in thread From: David Hunt @ 2019-07-16 8:24 UTC (permalink / raw) To: dev; +Cc: david.hunt, stable replace strcpy with strlcpy to prevent buffer overrun With fix, attempting to use a VERY lonng vm name results in a nicely truncated 32 character name rather than a segfault: Setting VM Name to [sdfdsfsfsdffdsdsasdsadasdakjshd] Using strlcpy rather than rte_strlcpy, as the rte_ version is only a fallback. As well as the fix in main.c, this patch also changes an occurrence of rte_strlcpy in channel_manager.c and channel_monitor.c to strlcpy. Fixes: 59287933a0bb ("examples/vm_power: add options to guest app") Cc: stable@dpdk.org Signed-off-by: David Hunt <david.hunt@intel.com> Acked-by: Anatoly Burakov <anatoly.burakov@intel.com> --- examples/vm_power_manager/channel_manager.c | 2 +- examples/vm_power_manager/channel_monitor.c | 2 +- examples/vm_power_manager/guest_cli/main.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/examples/vm_power_manager/channel_manager.c b/examples/vm_power_manager/channel_manager.c index 2c1332257..4db225755 100644 --- a/examples/vm_power_manager/channel_manager.c +++ b/examples/vm_power_manager/channel_manager.c @@ -588,7 +588,7 @@ add_host_channels(void) goto error; } chan_infos[i] = chan_info; - rte_strlcpy(chan_info->channel_path, socket_path, + strlcpy(chan_info->channel_path, socket_path, sizeof(chan_info->channel_path)); if (setup_host_channel_info(&chan_info, i) < 0) { diff --git a/examples/vm_power_manager/channel_monitor.c b/examples/vm_power_manager/channel_monitor.c index 9d7474da0..496772f8a 100644 --- a/examples/vm_power_manager/channel_monitor.c +++ b/examples/vm_power_manager/channel_monitor.c @@ -309,7 +309,7 @@ parse_json_to_pkt(json_t *element, struct channel_packet *pkt, vm_name); return -1; } - rte_strlcpy(pkt->vm_name, vm_name, VM_MAX_NAME_SZ); + strlcpy(pkt->vm_name, vm_name, VM_MAX_NAME_SZ); pkt->resource_id = resource_id; } return 0; diff --git a/examples/vm_power_manager/guest_cli/main.c b/examples/vm_power_manager/guest_cli/main.c index 36365b124..a18eb214a 100644 --- a/examples/vm_power_manager/guest_cli/main.c +++ b/examples/vm_power_manager/guest_cli/main.c @@ -65,7 +65,7 @@ parse_args(int argc, char **argv) switch (opt) { /* portmask */ case 'n': - strcpy(policy->vm_name, optarg); + rte_strlcpy(policy->vm_name, optarg, VM_MAX_NAME_SZ); printf("Setting VM Name to [%s]\n", policy->vm_name); break; case 'b': -- 2.17.1 ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [dpdk-stable] [dpdk-dev] [PATCH v2] examples/vm_power: fix strcpy buffer overrun 2019-07-16 8:24 ` [dpdk-stable] [PATCH v2] " David Hunt @ 2019-07-16 11:05 ` Thomas Monjalon 2019-07-16 11:23 ` Hunt, David 2019-07-16 11:19 ` [dpdk-stable] [PATCH v3] " David Hunt 1 sibling, 1 reply; 9+ messages in thread From: Thomas Monjalon @ 2019-07-16 11:05 UTC (permalink / raw) To: David Hunt; +Cc: dev, stable, bruce.richardson, anatoly.burakov 16/07/2019 10:24, David Hunt: > replace strcpy with strlcpy to prevent buffer overrun > With fix, attempting to use a VERY lonng vm name results in a nicely > truncated 32 character name rather than a segfault: > Setting VM Name to [sdfdsfsfsdffdsdsasdsadasdakjshd] > > Using strlcpy rather than rte_strlcpy, as the rte_ version is only a > fallback. > > As well as the fix in main.c, this patch also changes an occurrence of > rte_strlcpy in channel_manager.c and channel_monitor.c to strlcpy. [...] > --- a/examples/vm_power_manager/guest_cli/main.c > +++ b/examples/vm_power_manager/guest_cli/main.c > - strcpy(policy->vm_name, optarg); > + rte_strlcpy(policy->vm_name, optarg, VM_MAX_NAME_SZ); This is still using rte_strlcpy !! ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [dpdk-stable] [dpdk-dev] [PATCH v2] examples/vm_power: fix strcpy buffer overrun 2019-07-16 11:05 ` [dpdk-stable] [dpdk-dev] " Thomas Monjalon @ 2019-07-16 11:23 ` Hunt, David 0 siblings, 0 replies; 9+ messages in thread From: Hunt, David @ 2019-07-16 11:23 UTC (permalink / raw) To: Thomas Monjalon; +Cc: dev, stable, bruce.richardson, anatoly.burakov On 16/07/2019 12:05, Thomas Monjalon wrote: > 16/07/2019 10:24, David Hunt: >> replace strcpy with strlcpy to prevent buffer overrun >> With fix, attempting to use a VERY lonng vm name results in a nicely >> truncated 32 character name rather than a segfault: >> Setting VM Name to [sdfdsfsfsdffdsdsasdsadasdakjshd] >> >> Using strlcpy rather than rte_strlcpy, as the rte_ version is only a >> fallback. >> >> As well as the fix in main.c, this patch also changes an occurrence of >> rte_strlcpy in channel_manager.c and channel_monitor.c to strlcpy. > [...] >> --- a/examples/vm_power_manager/guest_cli/main.c >> +++ b/examples/vm_power_manager/guest_cli/main.c >> - strcpy(policy->vm_name, optarg); >> + rte_strlcpy(policy->vm_name, optarg, VM_MAX_NAME_SZ); > This is still using rte_strlcpy !! Apologies, too many balls in the air. v3 pushed. ^ permalink raw reply [flat|nested] 9+ messages in thread
* [dpdk-stable] [PATCH v3] examples/vm_power: fix strcpy buffer overrun 2019-07-16 8:24 ` [dpdk-stable] [PATCH v2] " David Hunt 2019-07-16 11:05 ` [dpdk-stable] [dpdk-dev] " Thomas Monjalon @ 2019-07-16 11:19 ` David Hunt 2019-07-16 11:28 ` [dpdk-stable] [dpdk-dev] " Thomas Monjalon 1 sibling, 1 reply; 9+ messages in thread From: David Hunt @ 2019-07-16 11:19 UTC (permalink / raw) To: dev; +Cc: david.hunt, stable replace strcpy with strlcpy to prevent buffer overrun With fix, attempting to use a VERY lonng vm name results in a nicely truncated 32 character name rather than a segfault: Setting VM Name to [sdfdsfsfsdffdsdsasdsadasdakjshd] Using strlcpy rather than rte_strlcpy, as the rte_ version is only a fallback. As well as the fix in main.c, this patch also changes an occurrence of rte_strlcpy in channel_manager.c and channel_monitor.c to strlcpy. Fixes: 59287933a0bb ("examples/vm_power: add options to guest app") Cc: stable@dpdk.org Signed-off-by: David Hunt <david.hunt@intel.com> Acked-by: Anatoly Burakov <anatoly.burakov@intel.com> --- examples/vm_power_manager/channel_manager.c | 2 +- examples/vm_power_manager/channel_monitor.c | 2 +- examples/vm_power_manager/guest_cli/main.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/examples/vm_power_manager/channel_manager.c b/examples/vm_power_manager/channel_manager.c index 2c1332257..4db225755 100644 --- a/examples/vm_power_manager/channel_manager.c +++ b/examples/vm_power_manager/channel_manager.c @@ -588,7 +588,7 @@ add_host_channels(void) goto error; } chan_infos[i] = chan_info; - rte_strlcpy(chan_info->channel_path, socket_path, + strlcpy(chan_info->channel_path, socket_path, sizeof(chan_info->channel_path)); if (setup_host_channel_info(&chan_info, i) < 0) { diff --git a/examples/vm_power_manager/channel_monitor.c b/examples/vm_power_manager/channel_monitor.c index 9d7474da0..496772f8a 100644 --- a/examples/vm_power_manager/channel_monitor.c +++ b/examples/vm_power_manager/channel_monitor.c @@ -309,7 +309,7 @@ parse_json_to_pkt(json_t *element, struct channel_packet *pkt, vm_name); return -1; } - rte_strlcpy(pkt->vm_name, vm_name, VM_MAX_NAME_SZ); + strlcpy(pkt->vm_name, vm_name, VM_MAX_NAME_SZ); pkt->resource_id = resource_id; } return 0; diff --git a/examples/vm_power_manager/guest_cli/main.c b/examples/vm_power_manager/guest_cli/main.c index 36365b124..2094145eb 100644 --- a/examples/vm_power_manager/guest_cli/main.c +++ b/examples/vm_power_manager/guest_cli/main.c @@ -65,7 +65,7 @@ parse_args(int argc, char **argv) switch (opt) { /* portmask */ case 'n': - strcpy(policy->vm_name, optarg); + strlcpy(policy->vm_name, optarg, VM_MAX_NAME_SZ); printf("Setting VM Name to [%s]\n", policy->vm_name); break; case 'b': -- 2.17.1 ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [dpdk-stable] [dpdk-dev] [PATCH v3] examples/vm_power: fix strcpy buffer overrun 2019-07-16 11:19 ` [dpdk-stable] [PATCH v3] " David Hunt @ 2019-07-16 11:28 ` Thomas Monjalon 0 siblings, 0 replies; 9+ messages in thread From: Thomas Monjalon @ 2019-07-16 11:28 UTC (permalink / raw) To: David Hunt; +Cc: dev, stable 16/07/2019 13:19, David Hunt: > replace strcpy with strlcpy to prevent buffer overrun > With fix, attempting to use a VERY lonng vm name results in a nicely > truncated 32 character name rather than a segfault: > Setting VM Name to [sdfdsfsfsdffdsdsasdsadasdakjshd] > > Using strlcpy rather than rte_strlcpy, as the rte_ version is only a > fallback. > > As well as the fix in main.c, this patch also changes an occurrence of > rte_strlcpy in channel_manager.c and channel_monitor.c to strlcpy. > > Fixes: 59287933a0bb ("examples/vm_power: add options to guest app") > Cc: stable@dpdk.org > Signed-off-by: David Hunt <david.hunt@intel.com> > Acked-by: Anatoly Burakov <anatoly.burakov@intel.com> Applied, thanks ^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2019-07-16 11:28 UTC | newest] Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2019-07-12 14:04 [dpdk-stable] [PATCH v1] examples/vm_power: fix strcpy buffer overrun David Hunt 2019-07-12 14:14 ` [dpdk-stable] [dpdk-dev] " Burakov, Anatoly 2019-07-12 14:47 ` Bruce Richardson 2019-07-14 13:26 ` Thomas Monjalon 2019-07-16 8:24 ` [dpdk-stable] [PATCH v2] " David Hunt 2019-07-16 11:05 ` [dpdk-stable] [dpdk-dev] " Thomas Monjalon 2019-07-16 11:23 ` Hunt, David 2019-07-16 11:19 ` [dpdk-stable] [PATCH v3] " David Hunt 2019-07-16 11:28 ` [dpdk-stable] [dpdk-dev] " Thomas Monjalon
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).