From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <Igor.Russkikh@aquantia.com>
Received: from NAM03-CO1-obe.outbound.protection.outlook.com
 (mail-eopbgr790044.outbound.protection.outlook.com [40.107.79.44])
 by dpdk.org (Postfix) with ESMTP id 3A21C4CE4;
 Tue, 12 Mar 2019 16:24:59 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=AQUANTIA1COM.onmicrosoft.com; s=selector1-aquantia-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=hD9ukWT3lFANCKM4/GuADDJnermSg3AqLmHYBv0WSDA=;
 b=SaqJN1XGN/uLilU9MPF0tv2o1uIgXm9SJQdaEDuG+hTNuHqo6ePO2iQw9MWD4HFHunoNBzRqvGOjwQzhbG8UaaboNhgixpVxIL7cxM6wySUxNS6lhru/GVvfOQfdsPkWF+fbRsoEgPS6ujLto37twy2W9gM2jmkYHiWR+z0qf9w=
Received: from DM6PR11MB3625.namprd11.prod.outlook.com (20.178.230.149) by
 DM6PR11MB2747.namprd11.prod.outlook.com (20.176.100.10) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.1686.18; Tue, 12 Mar 2019 15:24:57 +0000
Received: from DM6PR11MB3625.namprd11.prod.outlook.com
 ([fe80::d145:a1f4:ed34:e31b]) by DM6PR11MB3625.namprd11.prod.outlook.com
 ([fe80::d145:a1f4:ed34:e31b%3]) with mapi id 15.20.1686.021; Tue, 12 Mar 2019
 15:24:57 +0000
From: Igor Russkikh <Igor.Russkikh@aquantia.com>
To: "dev@dpdk.org" <dev@dpdk.org>
CC: Pavel Belous <Pavel.Belous@aquantia.com>, Igor Russkikh
 <Igor.Russkikh@aquantia.com>, "stable@dpdk.org" <stable@dpdk.org>, Pavel
 Belous <Pavel.Belous@aquantia.com>
Thread-Topic: [PATCH v3 04/10] net/atlantic: fix buffer overflow
Thread-Index: AQHU2OfAzEeFbMRQEkWoGSRW5bm8Lw==
Date: Tue, 12 Mar 2019 15:24:57 +0000
Message-ID: <d430b969a0be6b590a55e825e4085351ece79042.1552402263.git.igor.russkikh@aquantia.com>
References: <cover.1552402263.git.igor.russkikh@aquantia.com>
In-Reply-To: <cover.1552402263.git.igor.russkikh@aquantia.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-clientproxiedby: HE1PR0901CA0050.eurprd09.prod.outlook.com
 (2603:10a6:3:45::18) To DM6PR11MB3625.namprd11.prod.outlook.com
 (2603:10b6:5:13a::21)
authentication-results: spf=none (sender IP is )
 smtp.mailfrom=Igor.Russkikh@aquantia.com; 
x-ms-exchange-messagesentrepresentingtype: 1
x-mailer: git-send-email 2.17.1
x-originating-ip: [95.79.108.179]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: db426902-8cf6-4493-15de-08d6a6fee2ab
x-microsoft-antispam: BCL:0; PCL:0;
 RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600127)(711020)(4605104)(2017052603328)(7153060)(7193020);
 SRVR:DM6PR11MB2747; 
x-ms-traffictypediagnostic: DM6PR11MB2747:
x-microsoft-exchange-diagnostics: =?iso-8859-1?Q?1; DM6PR11MB2747;
 23:LJ5rVY/GdnpW6ZovKtHUXGE9EO3eyomn2Edungu?=
 =?iso-8859-1?Q?JSXHj0aHk5LvD/vER/tk+c0p/OLx44c6yoLUj1ZYshb0UmSnrBUDdTQLTc?=
 =?iso-8859-1?Q?CuZYHAI/IU+KgIVRzpJL4MbT2QhV/hS8Gnd6P8C2PqGunbIfkmfc7WHlzS?=
 =?iso-8859-1?Q?CByLPdibuJEC34FxXhn+oMC0zKZToVR1Hap5S3S9rIODUJ5s8r276zmp7p?=
 =?iso-8859-1?Q?lBGG43ymsjIS41xIu91VloqxwiObjNaKRsEbcfO1f4Rlo76L6MeKVSdGZL?=
 =?iso-8859-1?Q?JgBYsVV0R9c2ZBjgZ71rGtNAv/CGl3JWb3WecWJffLQx6uhGquD1/Ed2Nl?=
 =?iso-8859-1?Q?BkAyun6K2vLK19zOIstY+01dQt7xihLRRjc3Ot7vsWKTQer7fgWSzDh0wj?=
 =?iso-8859-1?Q?EikStqtQwql/fHKEMBbPswghj31mZZCArGbkHrxxUJaTgzUCyRUklyjHbb?=
 =?iso-8859-1?Q?Ej7kOAVBdMwhvC0CJD/GQ5KnyQe2YwB1uLbDCJrZ/Bjzu54GsJSoMIs735?=
 =?iso-8859-1?Q?2+5ox04J4QOtOhqMDvWizkdbZ3ZNJIErc/EMslvngPCP0n4wtAbzcv/wsR?=
 =?iso-8859-1?Q?B+5Ojr4V8q/l9Y/7hUkWK0xqb2YnLddq0OzLxX4JBWdtgn0IeWfL6HmwGK?=
 =?iso-8859-1?Q?4R/Vj5ktlwoFasf5R50btM1JwCwpc4sI6JA6I1AghfiemKkK6BXwW944RH?=
 =?iso-8859-1?Q?dsB7Xf49mFPPOF3DHX/zb5kHXW0tZy0qNq270K3HzSDXxXks8/y5cngI8Y?=
 =?iso-8859-1?Q?jfS0AeBLebQ8HchqY8fM+a/gwO4xagVMqpStiFeCgXV5M1LmgnQS1ZovjT?=
 =?iso-8859-1?Q?HoOsFOoJCrn5Qtovr/dB9L7HbTTZccBf0XVaaH0dtizHK84XKJOITXKyw+?=
 =?iso-8859-1?Q?g3SCFNDTZ6Fh6QfxftluOajNQt5YW/EaJR5nooofXpkZBUbQWg1vMYXG+2?=
 =?iso-8859-1?Q?lIRECdsb1lgikcJIhZNz8PZcPbLnU+lXtV33y2RWTlCvXdmHI7P7BwhIzJ?=
 =?iso-8859-1?Q?woxfBQKP9lfJfaF1irXdY+dEGBOtMg7HRDGXt+6s+UxGsbguUnhwYssRfh?=
 =?iso-8859-1?Q?EyDBR212b/NmGGzDhMdhmCbo2IIIyeRpH+0e9BvZZZ+4k0lV5Ens9CNiv6?=
 =?iso-8859-1?Q?Kdx9YIFNRnthTrJcunNbAylzwK4UrWt1jDLKoEf+Txecms7Nvm08QENFNL?=
 =?iso-8859-1?Q?e94HNe95OTSt1BbB8tHPbuIN1rXAqHTsImEnXtP5KH3j0YpyAdENE94MWb?=
 =?iso-8859-1?Q?+h8oaDUUM1SCPOx2V33IPuA114ZpBY4EtK8IMYUkeT+hO68blS7RAPHtE9?=
 =?iso-8859-1?Q?yM823Sd4Bl/SZ0JD8wr7aRw36WdEew0rhEvKmc/rkYkWmexW0pTlst7spF?=
 =?iso-8859-1?Q?cjcg2EBkLdnHnSqfq3eBAEohf0+fVg2QeU/wzLzrCinWvuiSctqEMZ5nK4?=
 =?iso-8859-1?Q?RElv/K6EwegMoxD3EUBalgKyI+00wemltda?=
x-microsoft-antispam-prvs: <DM6PR11MB2747740BA56185882095E85598490@DM6PR11MB2747.namprd11.prod.outlook.com>
x-forefront-prvs: 09749A275C
x-forefront-antispam-report: SFV:NSPM;
 SFS:(10009020)(396003)(346002)(39850400004)(136003)(366004)(376002)(199004)(189003)(53936002)(2501003)(106356001)(86362001)(81166006)(5660300002)(99286004)(81156014)(6116002)(44832011)(2351001)(105586002)(4326008)(66066001)(2616005)(71200400001)(486006)(72206003)(478600001)(446003)(476003)(186003)(118296001)(14454004)(26005)(54906003)(71190400001)(11346002)(386003)(6506007)(305945005)(102836004)(25786009)(7736002)(14444005)(50226002)(3846002)(256004)(107886003)(316002)(36756003)(450100002)(6916009)(6486002)(52116002)(1730700003)(8676002)(76176011)(6512007)(97736004)(8936002)(68736007)(6436002)(2906002)(5640700003);
 DIR:OUT; SFP:1101; SCL:1; SRVR:DM6PR11MB2747;
 H:DM6PR11MB3625.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en;
 PTR:InfoNoRecords; A:1; MX:1; 
received-spf: None (protection.outlook.com: aquantia.com does not designate
 permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: JaVvY/xXZpTvcPPlROe2KQAmtmdFKw8a+iZBBFke8KSAj82OT6/pFqWpEFUGt2IW8RRxSUtEEFhjPLt1XEnurgYkO7xP/JPpFAjAmX0O/h1CXBqoFdO8Bk/hHvrauWPm0oKQyn+BwM6W/sI5291fDbEM0vdGIQimVwr3FmIc084JOCkhwIKxXPqrm8Pr1qw/MlXDnelxf9zXqi6GXeLYRhwBBC4IuQtpTDKkHx04t6WrsY4U4D1yo67Fz9MYo+8Sa66hU1XIqlx6sxBdM7g6RbHJ8h5NAIpnXwYjzV4ZlX+PVhKECmr3eISxd+pkN/sudAXKggvEKG/UPpw7npSMs9tSh5Va/hrlu+gR3uaRtweXJ5pf204XztS1a6SV0q36AxgAj/ghTEYgQuThjBJkSIo8Z2V0ki+ZqHxNhgig7Zs=
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: aquantia.com
X-MS-Exchange-CrossTenant-Network-Message-Id: db426902-8cf6-4493-15de-08d6a6fee2ab
X-MS-Exchange-CrossTenant-originalarrivaltime: 12 Mar 2019 15:24:57.7973 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 83e2e134-991c-4ede-8ced-34d47e38e6b1
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR11MB2747
Subject: [dpdk-stable] [PATCH v3 04/10] net/atlantic: fix buffer overflow
X-BeenThere: stable@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: patches for DPDK stable branches <stable.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/stable>,
 <mailto:stable-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/stable/>
List-Post: <mailto:stable@dpdk.org>
List-Help: <mailto:stable-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/stable>,
 <mailto:stable-request@dpdk.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Mar 2019 15:24:59 -0000

From: Pavel Belous <Pavel.Belous@aquantia.com>

Found by Coverity scan. This is a real memory corruption.
There is no need in extra RTE_ALIGN macros since the
request/result structures are 4-byte aligned by definition.

Cc: stable@dpdk.org
Fixes: ce4e8d418097 ("net/atlantic: implement EEPROM get/set")
Coverity issue: 323518
Coverity issue: 323520
Signed-off-by: Igor Russkikh <igor.russkikh@aquantia.com>
Signed-off-by: Pavel Belous <Pavel.Belous@aquantia.com>
---
 drivers/net/atlantic/hw_atl/hw_atl_utils_fw2x.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/drivers/net/atlantic/hw_atl/hw_atl_utils_fw2x.c b/drivers/net/=
atlantic/hw_atl/hw_atl_utils_fw2x.c
index 6841d9bce39c..f90ccfe9e010 100644
--- a/drivers/net/atlantic/hw_atl/hw_atl_utils_fw2x.c
+++ b/drivers/net/atlantic/hw_atl/hw_atl_utils_fw2x.c
@@ -501,7 +501,7 @@ static int aq_fw2x_get_eeprom(struct aq_hw_s *self, u32=
 *data, u32 len)
 	/* Write SMBUS request to cfg memory */
 	err =3D hw_atl_utils_fw_upload_dwords(self, self->rpc_addr,
 				(u32 *)(void *)&request,
-				RTE_ALIGN(sizeof(request), sizeof(u32)));
+				sizeof(request) / sizeof(u32));
=20
 	if (err < 0)
 		return err;
@@ -523,7 +523,7 @@ static int aq_fw2x_get_eeprom(struct aq_hw_s *self, u32=
 *data, u32 len)
=20
 	err =3D hw_atl_utils_fw_downld_dwords(self, self->rpc_addr + sizeof(u32),
 			&result,
-			RTE_ALIGN(sizeof(result), sizeof(u32)));
+			sizeof(result) / sizeof(u32));
=20
 	if (err < 0)
 		return err;
@@ -558,7 +558,7 @@ static int aq_fw2x_set_eeprom(struct aq_hw_s *self, u32=
 *data, u32 len)
 	/* Write SMBUS request to cfg memory */
 	err =3D hw_atl_utils_fw_upload_dwords(self, self->rpc_addr,
 				(u32 *)(void *)&request,
-				RTE_ALIGN(sizeof(request), sizeof(u32)));
+				sizeof(request) / sizeof(u32));
=20
 	if (err < 0)
 		return err;
@@ -589,7 +589,7 @@ static int aq_fw2x_set_eeprom(struct aq_hw_s *self, u32=
 *data, u32 len)
 	/* Read status of write operation */
 	err =3D hw_atl_utils_fw_downld_dwords(self, self->rpc_addr + sizeof(u32),
 				&result,
-				RTE_ALIGN(sizeof(result), sizeof(u32)));
+				sizeof(result) / sizeof(u32));
=20
 	if (err < 0)
 		return err;
--=20
2.17.1