From: Kevin Traynor
To: Stephen Hemminger
Cc: Bruce Richardson, dpdk stable
Date: Thu, 20 Aug 2020 16:33:10 +0100
Message-Id: <20200820153341.171927-5-ktraynor@redhat.com>
In-Reply-To: <20200820153341.171927-1-ktraynor@redhat.com>
References: <20200820153341.171927-1-ktraynor@redhat.com>
Subject: [dpdk-stable] patch 'cfgfile: fix stack buffer underflow' has been queued to LTS release 18.11.10

Hi,

FYI, your patch has been queued to LTS release 18.11.10

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 08/25/20. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Queued patches are on a temporary branch at:
https://github.com/kevintraynor/dpdk-stable-queue

This queued commit can be viewed at:
https://github.com/kevintraynor/dpdk-stable-queue/commit/f567b9af5186940a95fd9ed8cd19ca6525708229

Thanks.

Kevin.

---
>From f567b9af5186940a95fd9ed8cd19ca6525708229 Mon Sep 17 00:00:00 2001
From: Stephen Hemminger
Date: Wed, 1 Jul 2020 20:05:58 -0700
Subject: [PATCH] cfgfile: fix stack buffer underflow

[ upstream commit 041a3971c8f47f7850586c601b7002652dc9327c ]

If cfgfile is given a line with comment character at the start of the line,
it will dereference outside of the buffer.

Detected with address sanitizer:

SUMMARY: AddressSanitizer: stack-buffer-underflow lib/librte_cfgfile/rte_cfgfile.c:194 in rte_cfgfile_load_with_params
Shadow bytes around the buggy address:
  0x200fff79f6a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x200fff79f6b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x200fff79f6c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x200fff79f6d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x200fff79f6e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x200fff79f6f0: 00 00 00 00 f1 f1 f1[f1]00 00 00 00 00 00 00 00
  0x200fff79f700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x200fff79f710: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x200fff79f720: 04 f2 f2 f2 f3 f3 f3 f3 00 00 00 00 00 00 00 00
  0x200fff79f730: 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 f2
  0x200fff79f740: f2 f2 f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==2189==ABORTING

Fixes: a6a47ac9c2c9 ("cfgfile: rework load function")

Signed-off-by: Stephen Hemminger
Reviewed-by: Bruce Richardson
---
 lib/librte_cfgfile/rte_cfgfile.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/lib/librte_cfgfile/rte_cfgfile.c b/lib/librte_cfgfile/rte_cfgfile.c index 6142696341..3b0ce68b19 100644 --- a/lib/librte_cfgfile/rte_cfgfile.c +++ b/lib/librte_cfgfile/rte_cfgfile.c @@ -186,5 +186,6 @@ rte_cfgfile_load_with_params(const char *filename, int flags, /* skip parsing if comment character found */ pos = memchr(buffer, params->comment_character, len); - if (pos != NULL && (*(pos-1) != '\\')) { + if (pos != NULL && + (pos == buffer || *(pos-1) != '\\')) { *pos = '\0'; len = pos - buffer; -- 2.26.2 --- Diff of the applied patch vs upstream commit (please double-check if non-empty: --- --- - 2020-08-20 16:26:16.079025498 +0100 +++ 0005-cfgfile-fix-stack-buffer-underflow.patch 2020-08-20 16:26:15.756323707 +0100 @@ -1 +1 @@ -From 041a3971c8f47f7850586c601b7002652dc9327c Mon Sep 17 00:00:00 2001 +From f567b9af5186940a95fd9ed8cd19ca6525708229 Mon Sep 17 00:00:00 2001 @@ -5,0 +6,2 @@ +[ upstream commit 041a3971c8f47f7850586c601b7002652dc9327c ] + @@ -47 +48,0 @@ -Cc: stable@dpdk.org @@ -56 +57 @@ -index f132e40563..002022263e 100644 +index 6142696341..3b0ce68b19 100644 @@ -59 +60 @@ -@@ -192,5 +192,6 @@ rte_cfgfile_load_with_params(const char *filename, int flags, +@@ -186,5 +186,6 @@ rte_cfgfile_load_with_params(const char *filename, int flags,
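Review bot: In rte_cfgfile_load_with_params, the condition after `pos = memchr(buffer, params->comment_character, len);` still inspects only the first comment character on the line. When that first occurrence is escaped with a backslash the `if` body is skipped, and in the lines shown here nothing looks for a later unescaped comment character on the same line, so a trailing comment after an escaped one would be parsed as data. The added `pos == buffer` test is evaluated before `*(pos-1)`, which is what keeps the read inside the buffer; a follow-up could loop, calling memchr again from `pos + 1` until it finds an unescaped occurrence or gets NULL. A regression test that feeds a line whose first byte is the comment character, run under AddressSanitizer, would keep the underflow from coming back.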