From: Alejandro Lucero
Date: Tue, 12 Mar 2019 09:56:48 +0000
To: Pallantla Poornima
Cc: dev, reshma.pattan@intel.com, Ferruh Yigit, dpdk stable
Subject: Re: [dpdk-stable] [PATCH v2] net/nfp: fix possible buffer overflow

On Fri, Mar 8, 2019 at 10:28 AM Pallantla Poornima <pallantlax.poornima@intel.com> wrote:

> sprintf function is not secure as it doesn't check the length of string.
> More secure function snprintf is used.
>
> Fixes: 896c265ef9 ("net/nfp: use new CPP interface")
> Fixes: c4171b520b ("net/nfp: support PF multiport")
> Cc: stable@dpdk.org
>
> Signed-off-by: Pallantla Poornima
> ---
> v2: updated title as suggested.
> ---
> drivers/net/nfp/nfp_net.c | 20 ++++++++++++--------
> 1 file changed, 12 insertions(+), 8 deletions(-)
>
> diff --git a/drivers/net/nfp/nfp_net.c b/drivers/net/nfp/nfp_net.c > index a791e95e2..f63def5ef 100644 > --- a/drivers/net/nfp/nfp_net.c > +++ b/drivers/net/nfp/nfp_net.c > @@ -3318,9 +3318,9 @@ nfp_pf_create_dev(struct rte_pci_device *dev, int > port, int ports, > return -ENOMEM; > > if (ports > 1) > - sprintf(port_name, "%s_port%d", dev->device.name, port); > + snprintf(port_name, 100, "%s_port%d", dev->device.name, > port); > else > - sprintf(port_name, "%s", dev->device.name); > + strlcat(port_name, dev->device.name, 100); > > > if (rte_eal_process_type() == RTE_PROC_PRIMARY) {
> @@ -3433,12 +3433,14 @@ nfp_fw_upload(struct rte_pci_device *dev, struct > nfp_nsp *nsp, char *card) > /* Looking for firmware file in order of priority */ > > /* First try to find a firmware image specific for this device */ > - sprintf(serial, "serial-%02x-%02x-%02x-%02x-%02x-%02x-%02x-%02x", > + snprintf(serial, sizeof(serial), > + "serial-%02x-%02x-%02x-%02x-%02x-%02x-%02x-%02x", > cpp->serial[0], cpp->serial[1], cpp->serial[2], > cpp->serial[3], > cpp->serial[4], cpp->serial[5], cpp->interface >> 8, > cpp->interface & 0xff); > > - sprintf(fw_name, "%s/%s.nffw", DEFAULT_FW_PATH, serial); > + snprintf(fw_name, sizeof(fw_name), "%s/%s.nffw", DEFAULT_FW_PATH, > + serial); > > PMD_DRV_LOG(DEBUG, "Trying with fw file: %s", fw_name); > fw_f = open(fw_name, O_RDONLY); > @@ -3446,7 +3448,8 @@ nfp_fw_upload(struct rte_pci_device *dev, struct > nfp_nsp *nsp, char *card) > goto read_fw; > > /* Then try the PCI name */ > - sprintf(fw_name, "%s/pci-%s.nffw", DEFAULT_FW_PATH, dev-> > device.name); > + snprintf(fw_name, sizeof(fw_name), "%s/pci-%s.nffw", > DEFAULT_FW_PATH, > + dev->device.name); > > PMD_DRV_LOG(DEBUG, "Trying with fw file: %s", fw_name); > fw_f = open(fw_name, O_RDONLY); > @@ -3454,7 +3457,7 @@ nfp_fw_upload(struct rte_pci_device *dev, struct > nfp_nsp *nsp, char *card) > goto read_fw; > > /* Finally try the card type and media */ > - sprintf(fw_name, "%s/%s", DEFAULT_FW_PATH, card); > + snprintf(fw_name, sizeof(fw_name), "%s/%s", DEFAULT_FW_PATH, card); > PMD_DRV_LOG(DEBUG, "Trying with fw file: %s", fw_name); > fw_f = open(fw_name, O_RDONLY); > if (fw_f < 0) { 
> @@ -3530,8 +3533,9 @@ nfp_fw_setup(struct rte_pci_device *dev, struct > nfp_cpp *cpp, > > PMD_DRV_LOG(INFO, "Port speed: %u", nfp_eth_table->ports[0].speed); > > - sprintf(card_desc, "nic_%s_%dx%d.nffw", nfp_fw_model, > - nfp_eth_table->count, nfp_eth_table->ports[0].speed / > 1000); > + snprintf(card_desc, sizeof(card_desc), "nic_%s_%dx%d.nffw", > + nfp_fw_model, nfp_eth_table->count, > + nfp_eth_table->ports[0].speed / 1000); > > nsp = nfp_nsp_open(cpp); > if (!nsp) {
> --
> 2.17.2
>

I got a compilation error when applying this patch: strlcat cannot be found. I guess this patch requires checking system library versions.
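
Review bot: In the else branch of nfp_pf_create_dev, strlcat is not a drop-in replacement for sprintf(port_name, "%s", ...). It appends to whatever port_name already holds, so it is only correct if port_name is an empty, NUL-terminated string on entry, which this hunk does not show. The old code copied rather than appended, so the bounded equivalent is `snprintf(port_name, 100, "%s", dev->device.name);`, which also removes the dependency on strlcat, the function the reply reports as not found at build time. Both new calls in this hunk pass a literal 100 where the other hunks use sizeof(...); if port_name is an array, sizeof(port_name) would keep the bound tied to its declaration.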
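
Review bot: In nfp_fw_upload the three snprintf calls that build fw_name discard the return value, and each result goes straight to open(fw_name, O_RDONLY). If dev->device.name or card is long enough to be truncated, the driver will try to open a shortened path instead of reporting the problem. Consider treating a return value that is negative or >= sizeof(fw_name) as an error for that candidate before calling open.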
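
Review bot: In nfp_fw_setup the new snprintf still formats nfp_eth_table->ports[0].speed / 1000 with %d, while the PMD_DRV_LOG line directly above prints the same field with %u; use the specifier that matches the field's type in both places. The return value is also unchecked here, and a truncated card_desc would lose its ".nffw" suffix without any error, so compare the result against sizeof(card_desc) before using the name.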