diff mbox series

common/cnxk: validate length argument

Message ID	20220207061246.4209-1-adwivedi@marvell.com (mailing list archive)
State	Accepted, archived
Delegated to:	Jerin Jacob
Headers	From: Ankur Dwivedi <adwivedi@marvell.com> To: <dev@dpdk.org> CC: <ndabilpuram@marvell.com>, <kirankumark@marvell.com>, <skori@marvell.com>, <skoteshwar@marvell.com>, <jerinj@marvell.com>, Ankur Dwivedi <adwivedi@marvell.com>, <stable@dpdk.org> Subject: [PATCH] common/cnxk: validate length argument Date: Mon, 7 Feb 2022 11:42:46 +0530 Message-ID: <20220207061246.4209-1-adwivedi@marvell.com> MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 8bit Precedence: list Errors-To: dev-bounces@dpdk.org
Series	common/cnxk: validate length argument \| common/cnxk: validate length argument

Checks

Context	Check	Description
ci/checkpatch	success	coding style OK
ci/iol-broadcom-Performance	success	Performance Testing PASS
ci/iol-mellanox-Performance	success	Performance Testing PASS
ci/iol-broadcom-Functional	success	Functional Testing PASS
ci/Intel-compilation	success	Compilation OK
ci/github-robot: build	success	github build: passed
ci/iol-intel-Performance	success	Performance Testing PASS
ci/intel-Testing	success	Testing PASS
ci/iol-abi-testing	success	Testing PASS
ci/iol-x86_64-compile-testing	success	Testing PASS
ci/iol-aarch64-unit-testing	success	Testing PASS
ci/iol-aarch64-compile-testing	success	Testing PASS
ci/iol-intel-Functional	success	Functional Testing PASS
ci/iol-x86_64-unit-testing	success	Testing PASS

Commit Message

Ankur Dwivedi Feb. 7, 2022, 6:12 a.m. UTC

  The x->len is passed as argument to npc_prep_mcam_ldata(). In the
function the len is used to reference elements of int_info and
int_info_mask array. The arrays are of length NPC_MAX_EXTRACT_DATA_LEN.

Validating the x->len value so that it is not greater than
NPC_MAX_EXTRACT_DATA_LEN.

This patch also resolves warning observed with gcc 12 compiler.

log:
   ../drivers/common/cnxk/roc_npc_utils.c:13:26: warning: writing 16 bytes
   into a region of size 0 [-Wstringop-overflow=]
   ptr[idx] = data[len - 1 - idx];

   ../drivers/common/cnxk/roc_npc_utils.c:163:17: note: at offset 64 into
   destination object ‘int_info’ of size 64
   uint8_t int_info[NPC_MAX_EXTRACT_DATA_LEN];

Bugzilla ID: 854
Fixes: 665b6a7400bf ("common/cnxk: add NPC helper API")
Cc: stable@dpdk.org

Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
Reviewed-by: Kiran Kumar Kokkilagadda <kirankumark@marvell.com>
---
 drivers/common/cnxk/roc_npc_utils.c | 3 +++
 1 file changed, 3 insertions(+)

Comments

Jerin Jacob Feb. 17, 2022, 1:04 p.m. UTC | #1

On Mon, Feb 7, 2022 at 11:43 AM Ankur Dwivedi <adwivedi@marvell.com> wrote:
>
> The x->len is passed as argument to npc_prep_mcam_ldata(). In the
> function the len is used to reference elements of int_info and
> int_info_mask array. The arrays are of length NPC_MAX_EXTRACT_DATA_LEN.
>
> Validating the x->len value so that it is not greater than
> NPC_MAX_EXTRACT_DATA_LEN.
>
> This patch also resolves warning observed with gcc 12 compiler.
>
> log:
>    ../drivers/common/cnxk/roc_npc_utils.c:13:26: warning: writing 16 bytes
>    into a region of size 0 [-Wstringop-overflow=]
>    ptr[idx] = data[len - 1 - idx];
>
>    ../drivers/common/cnxk/roc_npc_utils.c:163:17: note: at offset 64 into
>    destination object ‘int_info’ of size 64
>    uint8_t int_info[NPC_MAX_EXTRACT_DATA_LEN];
>
> Bugzilla ID: 854
> Fixes: 665b6a7400bf ("common/cnxk: add NPC helper API")
> Cc: stable@dpdk.org
>
> Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
> Reviewed-by: Kiran Kumar Kokkilagadda <kirankumark@marvell.com>

Changed the subject as
common/cnxk: fix NPC key extraction validation

Applied to dpdk-next-net-mrvl/for-next-net. Thanks


> ---
>  drivers/common/cnxk/roc_npc_utils.c | 3 +++
>  1 file changed, 3 insertions(+)
>
> diff --git a/drivers/common/cnxk/roc_npc_utils.c b/drivers/common/cnxk/roc_npc_utils.c
> index ed0ef5c462..007c454c3c 100644
> --- a/drivers/common/cnxk/roc_npc_utils.c
> +++ b/drivers/common/cnxk/roc_npc_utils.c
> @@ -166,6 +166,9 @@ npc_update_extraction_data(struct npc_parse_state *pst,
>         int len = 0;
>
>         x = xinfo;
> +       if (x->len > NPC_MAX_EXTRACT_DATA_LEN)
> +               return NPC_ERR_INVALID_SIZE;
> +
>         len = x->len;
>         hdr_off = x->hdr_off;
>
> --
> 2.28.0
>

diff mbox series

Patch

diff --git a/drivers/common/cnxk/roc_npc_utils.c b/drivers/common/cnxk/roc_npc_utils.c
index ed0ef5c462..007c454c3c 100644
--- a/drivers/common/cnxk/roc_npc_utils.c
+++ b/drivers/common/cnxk/roc_npc_utils.c
@@ -166,6 +166,9 @@  npc_update_extraction_data(struct npc_parse_state *pst,
 	int len = 0;
 
 	x = xinfo;
+	if (x->len > NPC_MAX_EXTRACT_DATA_LEN)
+		return NPC_ERR_INVALID_SIZE;
+
 	len = x->len;
 	hdr_off = x->hdr_off;