From patchwork Tue Nov 14 08:41:24 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jie Hai <haijie1@huawei.com>
X-Patchwork-Id: 134244
X-Patchwork-Delegate: thomas@monjalon.net
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 9513043325;
	Tue, 14 Nov 2023 09:48:27 +0100 (CET)
Received: from mails.dpdk.org (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id B459140E0F;
	Tue, 14 Nov 2023 09:47:29 +0100 (CET)
Received: from szxga02-in.huawei.com (szxga02-in.huawei.com [45.249.212.188])
 by mails.dpdk.org (Postfix) with ESMTP id 6F0B54068A
 for <dev@dpdk.org>; Tue, 14 Nov 2023 09:47:18 +0100 (CET)
Received: from kwepemd100004.china.huawei.com (unknown [172.30.72.55])
 by szxga02-in.huawei.com (SkyGuard) with ESMTP id 4SV0Dn0lylzPpCs;
 Tue, 14 Nov 2023 16:43:05 +0800 (CST)
Received: from localhost.localdomain (10.67.165.2) by
 kwepemd100004.china.huawei.com (7.221.188.31) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.2.1258.23; Tue, 14 Nov 2023 16:47:16 +0800
From: Jie Hai <haijie1@huawei.com>
To: <dev@dpdk.org>, Akhil Goyal <gakhil@marvell.com>, Gowrishankar
 Muthukrishnan <gmuthukrishn@marvell.com>
CC: <haijie1@huawei.com>, <lihuisong@huawei.com>, <fengchengwen@huawei.com>
Subject: [PATCH v2 13/22] security: replace strtok with reentrant version
Date: Tue, 14 Nov 2023 16:41:24 +0800
Message-ID: <20231114084133.3573959-14-haijie1@huawei.com>
X-Mailer: git-send-email 2.30.0
In-Reply-To: <20231114084133.3573959-1-haijie1@huawei.com>
References: <20231113104550.2138654-1-haijie1@huawei.com>
 <20231114084133.3573959-1-haijie1@huawei.com>
MIME-Version: 1.0
X-Originating-IP: [10.67.165.2]
X-ClientProxiedBy: dggems701-chm.china.huawei.com (10.3.19.178) To
 kwepemd100004.china.huawei.com (7.221.188.31)
X-CFilter-Loop: Reflected
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

Multiple threads calling the same function may cause condition
race issues, which often leads to abnormal behavior and can cause
more serious vulnerabilities such as abnormal termination, denial
of service, and compromised data integrity.

The strtok() is non-reentrant, it is better to replace it with a
reentrant version.

Fixes: 259ca6d1617f ("security: add telemetry endpoint for capabilities")
Cc: stable@dpdk.org

Signed-off-by: Jie Hai <haijie1@huawei.com>
Acked-by: Chengwen Feng <fengchengwen@huawei.com>
---
 lib/security/rte_security.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/security/rte_security.c b/lib/security/rte_security.c
index b082a290296b..51e3a669e6ec 100644
--- a/lib/security/rte_security.c
+++ b/lib/security/rte_security.c
@@ -496,13 +496,14 @@ security_handle_cryptodev_crypto_caps(const char *cmd __rte_unused, const char *
 	int dev_id, capa_id;
 	int crypto_caps_n;
 	char *end_param;
+	char *sp = NULL;
 	int rc;
 
 	if (!params || strlen(params) == 0 || !isdigit(*params))
 		return -EINVAL;
 
 	dev_id = strtoul(params, &end_param, 0);
-	capa_param = strtok(end_param, ",");
+	capa_param = strtok_s(end_param, ",", &sp);
 	if (!capa_param || strlen(capa_param) == 0 || !isdigit(*capa_param))
 		return -EINVAL;