[PATCH 1/3] examples/server_node_efd: fix format overflow

patches for DPDK stable branches
 help / color / mirror / Atom feed

* [PATCH 1/3] examples/server_node_efd: fix format overflow
       [not found] <20251110182209.104087-1-stephen@networkplumber.org>
@ 2025-11-10 18:19 ` Stephen Hemminger
  2025-11-10 18:19 ` [PATCH 2/3] examples/vdpa: fix format overflow warning Stephen Hemminger
       [not found] ` <20251111221857.443752-1-stephen@networkplumber.org>
  2 siblings, 0 replies; 4+ messages in thread
From: Stephen Hemminger @ 2025-11-10 18:19 UTC (permalink / raw)
  To: dev
  Cc: Stephen Hemminger, stable, Byron Marohn, Yipeng Wang,
	Pablo de Lara, Saikrishna Edupuganti, Christian Maciocco

If format-truncation is enabled, the compiler detects a string overflow
since the snprintf() is putting ethernet address and new line
in buffer only sized for the address.

Fixes: 39aad0e88c58 ("examples/flow_distributor: new example to demonstrate EFD")
Cc: stable@dpdk.org

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
---
 examples/server_node_efd/efd_server/main.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/examples/server_node_efd/efd_server/main.c b/examples/server_node_efd/efd_server/main.c
index 75ff0ea532..62c3f4a16d 100644
--- a/examples/server_node_efd/efd_server/main.c
+++ b/examples/server_node_efd/efd_server/main.c
@@ -68,7 +68,7 @@ static const char *
 get_printable_mac_addr(uint16_t port)
 {
 	static const char err_address[] = "00:00:00:00:00:00";
-	static char addresses[RTE_MAX_ETHPORTS][sizeof(err_address)];
+	static char addresses[RTE_MAX_ETHPORTS][RTE_ETHER_ADDR_FMT_SIZE + 1];
 	struct rte_ether_addr mac;
 	int ret;
 
-- 
2.51.0


^ permalink raw reply	[flat|nested] 4+ messages in thread

* [PATCH 2/3] examples/vdpa: fix format overflow warning
       [not found] <20251110182209.104087-1-stephen@networkplumber.org>
  2025-11-10 18:19 ` [PATCH 1/3] examples/server_node_efd: fix format overflow Stephen Hemminger
@ 2025-11-10 18:19 ` Stephen Hemminger
       [not found] ` <20251111221857.443752-1-stephen@networkplumber.org>
  2 siblings, 0 replies; 4+ messages in thread
From: Stephen Hemminger @ 2025-11-10 18:19 UTC (permalink / raw)
  To: dev; +Cc: Stephen Hemminger, maxime.coquelin, stable, Chenbo Xia, Adrian Moreno

The ifname is limited to 128 characters, but it would allow up
to 128 characters as prefix then could overflow creating ifname.

Change to limit path prefix to 124 (128 - sizeof("1024"))
to avoid possible format overflow

Fixes: 38f8ab0bbc8d ("vhost: make vDPA framework bus agnostic")
Cc: maxime.coquelin@redhat.com
Cc: stable@dpdk.org

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
---
 examples/vdpa/main.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/examples/vdpa/main.c b/examples/vdpa/main.c
index 289db26498..bdf751ad63 100644
--- a/examples/vdpa/main.c
+++ b/examples/vdpa/main.c
@@ -22,6 +22,8 @@
 
 #define MAX_PATH_LEN 128
 #define MAX_VDPA_SAMPLE_PORTS 1024
+#define stringify(x) (#x)
+#define MAX_VDPA_STR_LEN sizeof(stringify(MAX_VDPA_SAMPLE_PORTS))
 #define RTE_LOGTYPE_VDPA RTE_LOGTYPE_USER1
 
 struct vdpa_port {
@@ -36,7 +38,7 @@ struct vdpa_port {
 
 static struct vdpa_port vports[MAX_VDPA_SAMPLE_PORTS];
 
-static char iface[MAX_PATH_LEN];
+static char iface[MAX_PATH_LEN - MAX_VDPA_STR_LEN];
 static int devcnt;
 static int interactive;
 static int client_mode;
@@ -74,9 +76,8 @@ parse_args(int argc, char **argv)
 			break;
 		/* long options */
 		case 0:
-			if (strncmp(long_option[idx].name, "iface",
-						MAX_PATH_LEN) == 0) {
-				rte_strscpy(iface, optarg, MAX_PATH_LEN);
+			if (!strcmp(long_option[idx].name, "iface")) {
+				rte_strscpy(iface, optarg, sizeof(iface));
 				printf("iface %s\n", iface);
 			}
 			if (!strcmp(long_option[idx].name, "interactive")) {
-- 
2.51.0


^ permalink raw reply	[flat|nested] 4+ messages in thread

* [PATCH v2 1/7] examples/server_node_efd: fix format overflow
       [not found] ` <20251111221857.443752-1-stephen@networkplumber.org>
@ 2025-11-11 22:17   ` Stephen Hemminger
  2025-11-11 22:17   ` [PATCH v2 2/7] examples/vdpa: fix format overflow warning Stephen Hemminger
  1 sibling, 0 replies; 4+ messages in thread
From: Stephen Hemminger @ 2025-11-11 22:17 UTC (permalink / raw)
  To: dev
  Cc: Stephen Hemminger, stable, Byron Marohn, Yipeng Wang,
	Saikrishna Edupuganti, Pablo de Lara, Christian Maciocco

If format-truncation is enabled, the compiler detects a string overflow
since the snprintf() is putting ethernet address and new line
in buffer only sized for the address.

Since get_rx_queue_name() is used to create a ring name.
The buffer should be sized to be a valid ring name.
This fixes some format-overflow warnings and also corrects
for future errors.

Fixes: 39aad0e88c58 ("examples/flow_distributor: new example to demonstrate EFD")
Cc: stable@dpdk.org

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
---
 examples/server_node_efd/efd_server/main.c | 2 +-
 examples/server_node_efd/shared/common.h   | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/examples/server_node_efd/efd_server/main.c b/examples/server_node_efd/efd_server/main.c
index 75ff0ea532..62c3f4a16d 100644
--- a/examples/server_node_efd/efd_server/main.c
+++ b/examples/server_node_efd/efd_server/main.c
@@ -68,7 +68,7 @@ static const char *
 get_printable_mac_addr(uint16_t port)
 {
 	static const char err_address[] = "00:00:00:00:00:00";
-	static char addresses[RTE_MAX_ETHPORTS][sizeof(err_address)];
+	static char addresses[RTE_MAX_ETHPORTS][RTE_ETHER_ADDR_FMT_SIZE + 1];
 	struct rte_ether_addr mac;
 	int ret;
 
diff --git a/examples/server_node_efd/shared/common.h b/examples/server_node_efd/shared/common.h
index e1ab7e62b7..6726e2031e 100644
--- a/examples/server_node_efd/shared/common.h
+++ b/examples/server_node_efd/shared/common.h
@@ -58,8 +58,9 @@ get_rx_queue_name(unsigned int id)
 	/*
 	 * Buffer for return value. Size calculated by %u being replaced
 	 * by maximum 3 digits (plus an extra byte for safety)
+	 * Used as ring name, so upper limit is ring name size.
 	 */
-	static char buffer[sizeof(MP_NODE_RXQ_NAME) + 2];
+	static char buffer[RTE_RING_NAMESIZE];
 
 	snprintf(buffer, sizeof(buffer), MP_NODE_RXQ_NAME, id);
 	return buffer;
-- 
2.51.0


^ permalink raw reply	[flat|nested] 4+ messages in thread

* [PATCH v2 2/7] examples/vdpa: fix format overflow warning
       [not found] ` <20251111221857.443752-1-stephen@networkplumber.org>
  2025-11-11 22:17   ` [PATCH v2 1/7] examples/server_node_efd: fix format overflow Stephen Hemminger
@ 2025-11-11 22:17   ` Stephen Hemminger
  1 sibling, 0 replies; 4+ messages in thread
From: Stephen Hemminger @ 2025-11-11 22:17 UTC (permalink / raw)
  To: dev; +Cc: Stephen Hemminger, maxime.coquelin, stable, Chenbo Xia, Adrian Moreno

The ifname is limited to 128 characters, but it would allow up
to 128 characters as prefix then could overflow creating ifname.

Change to limit path prefix to 124 (128 - sizeof("1024"))
to avoid possible format overflow

Fixes: 38f8ab0bbc8d ("vhost: make vDPA framework bus agnostic")
Cc: maxime.coquelin@redhat.com
Cc: stable@dpdk.org

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
---
 examples/vdpa/main.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/examples/vdpa/main.c b/examples/vdpa/main.c
index 289db26498..7fd0e55b20 100644
--- a/examples/vdpa/main.c
+++ b/examples/vdpa/main.c
@@ -22,6 +22,8 @@
 
 #define MAX_PATH_LEN 128
 #define MAX_VDPA_SAMPLE_PORTS 1024
+#define stringify(x) (#x)
+#define MAX_VDPA_STR_LEN sizeof(stringify(MAX_VDPA_SAMPLE_PORTS))
 #define RTE_LOGTYPE_VDPA RTE_LOGTYPE_USER1
 
 struct vdpa_port {
@@ -36,7 +38,7 @@ struct vdpa_port {
 
 static struct vdpa_port vports[MAX_VDPA_SAMPLE_PORTS];
 
-static char iface[MAX_PATH_LEN];
+static char iface[MAX_PATH_LEN - MAX_VDPA_STR_LEN];
 static int devcnt;
 static int interactive;
 static int client_mode;
@@ -74,9 +76,8 @@ parse_args(int argc, char **argv)
 			break;
 		/* long options */
 		case 0:
-			if (strncmp(long_option[idx].name, "iface",
-						MAX_PATH_LEN) == 0) {
-				rte_strscpy(iface, optarg, MAX_PATH_LEN);
+			if (!strcmp(long_option[idx].name, "iface")) {
+				rte_strscpy(iface, optarg, sizeof(iface));
 				printf("iface %s\n", iface);
 			}
 			if (!strcmp(long_option[idx].name, "interactive")) {
-- 
2.51.0


^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2025-11-11 22:19 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
     [not found] <20251110182209.104087-1-stephen@networkplumber.org>
2025-11-10 18:19 ` [PATCH 1/3] examples/server_node_efd: fix format overflow Stephen Hemminger
2025-11-10 18:19 ` [PATCH 2/3] examples/vdpa: fix format overflow warning Stephen Hemminger
     [not found] ` <20251111221857.443752-1-stephen@networkplumber.org>
2025-11-11 22:17   ` [PATCH v2 1/7] examples/server_node_efd: fix format overflow Stephen Hemminger
2025-11-11 22:17   ` [PATCH v2 2/7] examples/vdpa: fix format overflow warning Stephen Hemminger

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).