From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 0F8F0455AD for ; Mon, 15 Jul 2024 17:29:08 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 04C4140C35; Mon, 15 Jul 2024 17:29:08 +0200 (CEST) Received: from mail-wm1-f45.google.com (mail-wm1-f45.google.com [209.85.128.45]) by mails.dpdk.org (Postfix) with ESMTP id 05C00402DD for ; Mon, 15 Jul 2024 17:29:07 +0200 (CEST) Received: by mail-wm1-f45.google.com with SMTP id 5b1f17b1804b1-4266edee10cso28084195e9.2 for ; Mon, 15 Jul 2024 08:29:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1721057346; x=1721662146; darn=dpdk.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=pi9LaQ5PVvUAaYgAxAda+F80zjpBWh0S4/mVM1Y4p24=; b=I9oau8VHiOOAulmKrWK1dooRAbDsRMO7fPfZ27KhPLVgn8DOB/LC4aHGoaF6TSZfGG BRRskU2aETNaF/KSaEHPdTVIScUOo2TpeKx0Y7hwF1p7JciP+jie9PnH9+2reRjEm+kF 3wTHu+BxQ5OLjtmiBMx7WqqmFtCmvrC1f/fOc2J1PW559vcQBaZiiSfphTDgHbtltuSX 9N95fSAZvV90gXp3dHAlvzhZdahp1I3KykpOZHkzFRW7ID4efJMVswGDZ+adChSAbFdk XgurVymIdrnD9ybxyvAH+GgZ+8Qg6IFWg00VB4UmzUpoGslzKl49LE1jVRF1kZ4jYoCB npQg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1721057346; x=1721662146; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=pi9LaQ5PVvUAaYgAxAda+F80zjpBWh0S4/mVM1Y4p24=; b=JLiKTsuIgXVrQBRtGf1Fu0XQAeVFZ6zA2nEWSBNicDNg9tYUfbmJ+XHgYlhhMN0MOT 856ZmrBb/tywQFh4QmtOo/1d08XalEDhzBt3z06OE9rMzcvJ4gakfEL9yWa09yzy6mg2 xAoect36iiP1JkZgK0QF4l8YQ/GJWn+8fu7et5+ZZaw9kr7n2D2FTiI/kKIDFDsCQAwd zCbZnF+DRsQqJ0yKjR8wk7Ke8u4aYfBQVzaUm+iB0Bpy+sApk8rF+pgpFZCmeoVuE9eH 3cW0ztgXWRVsqEpVDcJKYq3LNtgDvwDwSwSOg0QQrZlS4HBppIk2g3b1Hh5BJFYoXjf+ Y/ZA== X-Forwarded-Encrypted: i=1; AJvYcCWXYP1ZWWd5IWu8U0DtfHF+Sy2ih5PCIMaFgNeCpFomxys+go+xxDSdWDErtMmUyMeGIdXaOokrX1Hg7aftr6U= X-Gm-Message-State: AOJu0YxTPUS9hZbbyqOwCvyr1/QBYN2i4i2WYvjIS7vgXfwduTbaL12k zHlPvNyIGxKFXdSXt/2NeVo609uqRikNlkelmYMHPDXR7qCF7gSRjeCoAUG9 X-Google-Smtp-Source: AGHT+IGzTZKjeXha6F2YCsCZblmHKp/kV7fPAIwH7h2Oz6bys2fWsltDQ3esk1GS8y1S4z0A9goLxQ== X-Received: by 2002:a05:600c:178f:b0:426:5f8f:51a4 with SMTP id 5b1f17b1804b1-426707d89e4mr126613105e9.12.1721057346591; Mon, 15 Jul 2024 08:29:06 -0700 (PDT) Received: from localhost ([2a01:4b00:d036:ae00:7aef:1aaa:3dff:d546]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-427a5e77488sm92234945e9.9.2024.07.15.08.29.05 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 15 Jul 2024 08:29:06 -0700 (PDT) From: luca.boccassi@gmail.com To: Apeksha Gupta Cc: Vanshika Shukla , dpdk stable Subject: patch 'common/dpaax: fix node array overrun' has been queued to stable release 22.11.6 Date: Mon, 15 Jul 2024 16:26:16 +0100 Message-Id: <20240715152704.2229503-38-luca.boccassi@gmail.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20240715152704.2229503-1-luca.boccassi@gmail.com> References: <20240624235907.885628-81-luca.boccassi@gmail.com> <20240715152704.2229503-1-luca.boccassi@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: stable-bounces@dpdk.org Hi, FYI, your patch has been queued to stable release 22.11.6 Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet. It will be pushed if I get no objections before 07/17/24. So please shout if anyone has objections. Also note that after the patch there's a diff of the upstream commit vs the patch applied to the branch. This will indicate if there was any rebasing needed to apply to the stable branch. If there were code changes for rebasing (ie: not only metadata diffs), please double check that the rebase was correctly done. Queued patches are on a temporary branch at: https://github.com/bluca/dpdk-stable This queued commit can be viewed at: https://github.com/bluca/dpdk-stable/commit/55950c7aa54f377fc6de2b3249b323506b96bbda Thanks. Luca Boccassi --- >From 55950c7aa54f377fc6de2b3249b323506b96bbda Mon Sep 17 00:00:00 2001 From: Apeksha Gupta Date: Wed, 10 Jul 2024 14:25:30 +0530 Subject: [PATCH] common/dpaax: fix node array overrun [ upstream commit fae5c5cf59b13efa1fe40d9dd75e0c8731dc46b1 ] Out-of-bounds read, overrunning dynamic array nodes at offset corresponding to index variable j. Fixes: 2f3d633aa593 ("common/dpaax: add library for PA/VA translation table") Signed-off-by: Apeksha Gupta Signed-off-by: Vanshika Shukla --- drivers/common/dpaax/dpaax_iova_table.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/drivers/common/dpaax/dpaax_iova_table.c b/drivers/common/dpaax/dpaax_iova_table.c index d2a78f4c19..860e702333 100644 --- a/drivers/common/dpaax/dpaax_iova_table.c +++ b/drivers/common/dpaax/dpaax_iova_table.c @@ -139,10 +139,12 @@ read_memory_node(unsigned int *count) } DPAAX_DEBUG("Device-tree memory node data:"); - do { + + while (j > 0) { + --j; DPAAX_DEBUG(" %08" PRIx64 " %08zu", nodes[j].addr, nodes[j].len); - } while (--j); + } cleanup: close(fd); -- 2.39.2 --- Diff of the applied patch vs upstream commit (please double-check if non-empty: --- --- - 2024-07-15 16:19:36.590856580 +0100 +++ 0038-common-dpaax-fix-node-array-overrun.patch 2024-07-15 16:19:34.532205695 +0100 @@ -1 +1 @@ -From fae5c5cf59b13efa1fe40d9dd75e0c8731dc46b1 Mon Sep 17 00:00:00 2001 +From 55950c7aa54f377fc6de2b3249b323506b96bbda Mon Sep 17 00:00:00 2001 @@ -5,0 +6,2 @@ +[ upstream commit fae5c5cf59b13efa1fe40d9dd75e0c8731dc46b1 ] + @@ -10 +11,0 @@ -Cc: stable@dpdk.org