patches for DPDK stable branches
 help / color / mirror / Atom feed
* [dpdk-stable] [PATCH] net/softnic: fix null pointer dereference
@ 2021-07-27  8:14 dapengx.yu
  2021-07-27  9:16 ` Singh, Jasvinder
  0 siblings, 1 reply; 3+ messages in thread
From: dapengx.yu @ 2021-07-27  8:14 UTC (permalink / raw)
  To: Jasvinder Singh, Cristian Dumitrescu; +Cc: dev, Dapeng Yu, stable

From: Dapeng Yu <dapengx.yu@intel.com>

When there is no "firmware" in arguments, the "firmware" pointer is
null, and will be dereferenced by rte_strscpy().

This patch moves the code block which copies character string from
"firmware" to "p->firmware" into the "if" statements where "firmware"
argument exists and it is duplicated successfully.

Coverity issue: 372136
Fixes: d8f852f5f369 ("net/softnic: fix memory leak in arguments parsing")
Cc: stable@dpdk.org

Signed-off-by: Dapeng Yu <dapengx.yu@intel.com>
---
 drivers/net/softnic/rte_eth_softnic.c | 20 +++++++++++---------
 1 file changed, 11 insertions(+), 9 deletions(-)

diff --git a/drivers/net/softnic/rte_eth_softnic.c b/drivers/net/softnic/rte_eth_softnic.c
index 0aa7147b13..b3b55b9035 100644
--- a/drivers/net/softnic/rte_eth_softnic.c
+++ b/drivers/net/softnic/rte_eth_softnic.c
@@ -479,17 +479,19 @@ pmd_parse_args(struct pmd_params *p, const char *params)
 			&get_string, &firmware);
 		if (ret < 0)
 			goto out_free;
-	}
-	if (rte_strscpy(p->firmware, firmware,
-			sizeof(p->firmware)) < 0) {
-		PMD_LOG(WARNING,
-			"\"%s\": firmware path should be shorter than %zu",
-			firmware, sizeof(p->firmware));
+
+		if (rte_strscpy(p->firmware, firmware,
+				sizeof(p->firmware)) < 0) {
+			PMD_LOG(WARNING,
+				"\"%s\": "
+				"firmware path should be shorter than %zu",
+				firmware, sizeof(p->firmware));
+			free(firmware);
+			ret = -EINVAL;
+			goto out_free;
+		}
 		free(firmware);
-		ret = -EINVAL;
-		goto out_free;
 	}
-	free(firmware);
 	/* Connection listening port (optional) */
 	if (rte_kvargs_count(kvlist, PMD_PARAM_CONN_PORT) == 1) {
 		ret = rte_kvargs_process(kvlist, PMD_PARAM_CONN_PORT,
-- 
2.27.0


^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [dpdk-stable] [PATCH] net/softnic: fix null pointer dereference
  2021-07-27  8:14 [dpdk-stable] [PATCH] net/softnic: fix null pointer dereference dapengx.yu
@ 2021-07-27  9:16 ` Singh, Jasvinder
  2021-07-30 11:33   ` [dpdk-stable] [dpdk-dev] " Thomas Monjalon
  0 siblings, 1 reply; 3+ messages in thread
From: Singh, Jasvinder @ 2021-07-27  9:16 UTC (permalink / raw)
  To: Yu, DapengX, Dumitrescu, Cristian; +Cc: dev, stable



> -----Original Message-----
> From: Yu, DapengX <dapengx.yu@intel.com>
> Sent: Tuesday, July 27, 2021 9:15 AM
> To: Singh, Jasvinder <jasvinder.singh@intel.com>; Dumitrescu, Cristian
> <cristian.dumitrescu@intel.com>
> Cc: dev@dpdk.org; Yu, DapengX <dapengx.yu@intel.com>; stable@dpdk.org
> Subject: [PATCH] net/softnic: fix null pointer dereference
> 
> From: Dapeng Yu <dapengx.yu@intel.com>
> 
> When there is no "firmware" in arguments, the "firmware" pointer is null,
> and will be dereferenced by rte_strscpy().
> 
> This patch moves the code block which copies character string from
> "firmware" to "p->firmware" into the "if" statements where "firmware"
> argument exists and it is duplicated successfully.
> 
> Coverity issue: 372136
> Fixes: d8f852f5f369 ("net/softnic: fix memory leak in arguments parsing")
> Cc: stable@dpdk.org
> 
> Signed-off-by: Dapeng Yu <dapengx.yu@intel.com>
> ---

Acked-by: Jasvinder Singh <jasvinder.singh@intel.com>



^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [dpdk-stable] [dpdk-dev] [PATCH] net/softnic: fix null pointer dereference
  2021-07-27  9:16 ` Singh, Jasvinder
@ 2021-07-30 11:33   ` Thomas Monjalon
  0 siblings, 0 replies; 3+ messages in thread
From: Thomas Monjalon @ 2021-07-30 11:33 UTC (permalink / raw)
  To: Yu, DapengX; +Cc: Dumitrescu, Cristian, dev, stable, Singh, Jasvinder

> > From: Dapeng Yu <dapengx.yu@intel.com>
> > 
> > When there is no "firmware" in arguments, the "firmware" pointer is null,
> > and will be dereferenced by rte_strscpy().
> > 
> > This patch moves the code block which copies character string from
> > "firmware" to "p->firmware" into the "if" statements where "firmware"
> > argument exists and it is duplicated successfully.
> > 
> > Coverity issue: 372136
> > Fixes: d8f852f5f369 ("net/softnic: fix memory leak in arguments parsing")
> > Cc: stable@dpdk.org
> > 
> > Signed-off-by: Dapeng Yu <dapengx.yu@intel.com>
> 
> Acked-by: Jasvinder Singh <jasvinder.singh@intel.com>

Applied, thanks.




^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2021-07-30 11:32 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-07-27  8:14 [dpdk-stable] [PATCH] net/softnic: fix null pointer dereference dapengx.yu
2021-07-27  9:16 ` Singh, Jasvinder
2021-07-30 11:33   ` [dpdk-stable] [dpdk-dev] " Thomas Monjalon

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).