diff mbox series

[v3,1/1] event/octeontx: resolve possible integer overflow

Message ID	20241024035524.1021926-1-hpothula@marvell.com (mailing list archive)
State	Superseded, archived
Delegated to:	Jerin Jacob
Headers	From: Hanumanth Pothula <hpothula@marvell.com> To: Jerin Jacob <jerinj@marvell.com> CC: <dev@dpdk.org>, <hkalra@marvell.com>, <stephen@networkplumber.org>, <hpothula@marvell.com> Subject: [PATCH v3 1/1] event/octeontx: resolve possible integer overflow Date: Thu, 24 Oct 2024 09:25:24 +0530 Message-ID: <20241024035524.1021926-1-hpothula@marvell.com> In-Reply-To: <20241023071546.865609-1-hpothula@marvell.com> References: <20241023071546.865609-1-hpothula@marvell.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain Precedence: list Errors-To: dev-bounces@dpdk.org
Series	[v3,1/1] event/octeontx: resolve possible integer overflow \| [v3,1/1] event/octeontx: resolve possible integer overflow

Checks

Context	Check	Description
ci/checkpatch	success	coding style OK
ci/loongarch-compilation	success	Compilation OK
ci/loongarch-unit-testing	success	Unit Testing PASS
ci/Intel-compilation	success	Compilation OK
ci/intel-Testing	success	Testing PASS
ci/github-robot: build	success	github build: passed
ci/intel-Functional	success	Functional PASS
ci/iol-intel-Functional	success	Functional Testing PASS
ci/iol-mellanox-Performance	success	Performance Testing PASS
ci/iol-marvell-Functional	success	Functional Testing PASS
ci/iol-unit-amd64-testing	warning	Testing issues
ci/iol-broadcom-Performance	success	Performance Testing PASS
ci/iol-unit-arm64-testing	warning	Testing issues
ci/iol-sample-apps-testing	success	Testing PASS

Commit Message

Hanumanth Pothula Oct. 24, 2024, 3:55 a.m. UTC

The last argument passed to ssovf_parsekv() is an
unsigned char*, but it is accessed as an integer.
This can lead to an integer overflow.

Hence, make ensure the argument is accessed as a char
and for better error handling use strtol instead of atoi.

Signed-off-by: Hanumanth Pothula <hpothula@marvell.com>
---

v2: use strtoul instead of strtol
v3: Add value boundry check. Here, value can be either 0 or 1.
---
 drivers/event/octeontx/ssovf_evdev.c | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

Comments

Ali Alnubani Oct. 24, 2024, 7:57 a.m. UTC | #1

> -----Original Message-----
> From: Hanumanth Pothula <hpothula@marvell.com>
> Sent: Thursday, October 24, 2024 6:55 AM
> To: Jerin Jacob <jerinj@marvell.com>
> Cc: dev@dpdk.org; hkalra@marvell.com; stephen@networkplumber.org;
> hpothula@marvell.com
> Subject: [PATCH v3 1/1] event/octeontx: resolve possible integer overflow
> 
> The last argument passed to ssovf_parsekv() is an
> unsigned char*, but it is accessed as an integer.
> This can lead to an integer overflow.
> 
> Hence, make ensure the argument is accessed as a char
> and for better error handling use strtol instead of atoi.
> 
> Signed-off-by: Hanumanth Pothula <hpothula@marvell.com>
> ---
> 
> v2: use strtoul instead of strtol
> v3: Add value boundry check. Here, value can be either 0 or 1.
> ---

Confirmed that it resolves https://bugs.dpdk.org/show_bug.cgi?id=1512.

Tested-by: Ali Alnubani <alialnu@nvidia.com>

Thanks,
Ali

Jerin Jacob Oct. 25, 2024, 10:27 a.m. UTC | #2

On Thu, Oct 24, 2024 at 1:27 PM Ali Alnubani <alialnu@nvidia.com> wrote:
>
> > -----Original Message-----
> > From: Hanumanth Pothula <hpothula@marvell.com>
> > Sent: Thursday, October 24, 2024 6:55 AM
> > To: Jerin Jacob <jerinj@marvell.com>
> > Cc: dev@dpdk.org; hkalra@marvell.com; stephen@networkplumber.org;
> > hpothula@marvell.com
> > Subject: [PATCH v3 1/1] event/octeontx: resolve possible integer overflow
> >
> > The last argument passed to ssovf_parsekv() is an
> > unsigned char*, but it is accessed as an integer.
> > This can lead to an integer overflow.
> >
> > Hence, make ensure the argument is accessed as a char
> > and for better error handling use strtol instead of atoi.
> >

Add
Bugzilla ID: 1512

And add Fixes: tag

please start the git commit subject with event/octeontx: fix ...

Good to merge next version

> > Signed-off-by: Hanumanth Pothula <hpothula@marvell.com>
> > ---
> >
> > v2: use strtoul instead of strtol
> > v3: Add value boundry check. Here, value can be either 0 or 1.
> > ---
>
> Confirmed that it resolves https://bugs.dpdk.org/show_bug.cgi?id=1512.
>
> Tested-by: Ali Alnubani <alialnu@nvidia.com>



>
> Thanks,
> Ali

diff mbox series

Patch

diff --git a/drivers/event/octeontx/ssovf_evdev.c b/drivers/event/octeontx/ssovf_evdev.c
index 3a933b1db7..957fcab04e 100644
--- a/drivers/event/octeontx/ssovf_evdev.c
+++ b/drivers/event/octeontx/ssovf_evdev.c
@@ -717,10 +717,20 @@  ssovf_close(struct rte_eventdev *dev)
 }
 
 static int
-ssovf_parsekv(const char *key __rte_unused, const char *value, void *opaque)
+ssovf_parsekv(const char *key, const char *value, void *opaque)
 {
-	int *flag = opaque;
-	*flag = !!atoi(value);
+	uint8_t *flag = opaque;
+	uint64_t v;
+	char *end;
+
+	errno = 0;
+	v = strtoul(value, &end, 0);
+	if ((errno != 0) || (value == end) || *end != '\0' || v > 1) {
+		ssovf_log_err("invalid %s value %s", key, value);
+		return -EINVAL;
+	}
+
+	*flag = !!v;
 	return 0;
 }