diff mbox series

examples/ipsec-secgw: fix uninitialized memory access

Message ID	20220325112942.1119663-1-vfialko@marvell.com (mailing list archive)
State	Accepted, archived
Delegated to:	akhil goyal
Headers	From: Volodymyr Fialko <vfialko@marvell.com> To: <dev@dpdk.org>, Radu Nicolau <radu.nicolau@intel.com>, Akhil Goyal <gakhil@marvell.com> CC: <jerinj@marvell.com>, Volodymyr Fialko <vfialko@marvell.com> Subject: [PATCH] examples/ipsec-secgw: fix uninitialized memory access Date: Fri, 25 Mar 2022 12:29:42 +0100 Message-ID: <20220325112942.1119663-1-vfialko@marvell.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain Precedence: list Errors-To: dev-bounces@dpdk.org
Series	examples/ipsec-secgw: fix uninitialized memory access \| examples/ipsec-secgw: fix uninitialized memory access

Checks

Context	Check	Description
ci/checkpatch	success	coding style OK
ci/Intel-compilation	success	Compilation OK
ci/iol-broadcom-Functional	fail	Functional Testing issues
ci/iol-mellanox-Performance	success	Performance Testing PASS
ci/intel-Testing	success	Testing PASS
ci/iol-intel-Performance	success	Performance Testing PASS
ci/iol-intel-Functional	success	Functional Testing PASS
ci/github-robot: build	success	github build: passed
ci/iol-aarch64-unit-testing	success	Testing PASS
ci/iol-x86_64-compile-testing	success	Testing PASS
ci/iol-aarch64-compile-testing	success	Testing PASS
ci/iol-abi-testing	success	Testing PASS
ci/iol-x86_64-unit-testing	success	Testing PASS

Commit Message

Volodymyr Fialko March 25, 2022, 11:29 a.m. UTC

rte_flow_validate and rte_flow_create not always initialize flow error.
Using error.message in some error cases will cause read from
uninitialized memory.

Fixes: 6738c0a9569 ("examples/ipsec-secgw: support flow director")

Signed-off-by: Volodymyr Fialko <vfialko@marvell.com>
---
 examples/ipsec-secgw/flow.c  | 2 +-
 examples/ipsec-secgw/ipsec.c | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

Comments

Anoob Joseph April 28, 2022, 4:42 a.m. UTC | #1

> 
> ----------------------------------------------------------------------
> rte_flow_validate and rte_flow_create not always initialize flow error.
> Using error.message in some error cases will cause read from uninitialized
> memory.
> 
> Fixes: 6738c0a9569 ("examples/ipsec-secgw: support flow director")
> 
> Signed-off-by: Volodymyr Fialko <vfialko@marvell.com>
> ---
>  examples/ipsec-secgw/flow.c  | 2 +-
>  examples/ipsec-secgw/ipsec.c | 2 +-
>  2 files changed, 2 insertions(+), 2 deletions(-)
> 

Acked-by: Anoob Joseph <anoobj@marvell.com>

Akhil Goyal May 11, 2022, 7:36 p.m. UTC | #2

> > rte_flow_validate and rte_flow_create not always initialize flow error.
> > Using error.message in some error cases will cause read from uninitialized
> > memory.
> >
> > Fixes: 6738c0a9569 ("examples/ipsec-secgw: support flow director")
> >
> > Signed-off-by: Volodymyr Fialko <vfialko@marvell.com>
> > ---
> >  examples/ipsec-secgw/flow.c  | 2 +-
> >  examples/ipsec-secgw/ipsec.c | 2 +-
> >  2 files changed, 2 insertions(+), 2 deletions(-)
> >
> 
> Acked-by: Anoob Joseph <anoobj@marvell.com>

Acked-by: Akhil Goyal <gakhil@marvell.com>

Applied to dpdk-next-crypto

Thanks.

Akhil Goyal May 11, 2022, 7:41 p.m. UTC | #3

> -----Original Message-----
> From: Akhil Goyal
> Sent: Thursday, May 12, 2022 1:06 AM
> To: Anoob Joseph <anoobj@marvell.com>; Volodymyr Fialko
> <vfialko@marvell.com>; dev@dpdk.org; Radu Nicolau
> <radu.nicolau@intel.com>
> Cc: Jerin Jacob Kollanukkaran <jerinj@marvell.com>; Volodymyr Fialko
> <vfialko@marvell.com>
> Subject: RE: [EXT] [PATCH] examples/ipsec-secgw: fix uninitialized memory
> access
> 
> 
> > > rte_flow_validate and rte_flow_create not always initialize flow error.
> > > Using error.message in some error cases will cause read from uninitialized
> > > memory.
> > >
> > > Fixes: 6738c0a9569 ("examples/ipsec-secgw: support flow director")
> > >
> > > Signed-off-by: Volodymyr Fialko <vfialko@marvell.com>
> > > ---
> > >  examples/ipsec-secgw/flow.c  | 2 +-
> > >  examples/ipsec-secgw/ipsec.c | 2 +-
> > >  2 files changed, 2 insertions(+), 2 deletions(-)
> > >
> >
> > Acked-by: Anoob Joseph <anoobj@marvell.com>
> 
> Acked-by: Akhil Goyal <gakhil@marvell.com>
> 
> Applied to dpdk-next-crypto
> 
> Thanks.

Cc: stable@dpdk.org

diff mbox series

Patch

diff --git a/examples/ipsec-secgw/flow.c b/examples/ipsec-secgw/flow.c
index 1a1ec7861c..c217b9e475 100644
--- a/examples/ipsec-secgw/flow.c
+++ b/examples/ipsec-secgw/flow.c
@@ -214,7 +214,7 @@  flow_init_single(struct flow_rule_entry *rule)
 	struct rte_flow_item pattern[MAX_RTE_FLOW_PATTERN] = {};
 	struct rte_flow_action action[MAX_RTE_FLOW_ACTIONS] = {};
 	struct rte_flow_attr attr = {};
-	struct rte_flow_error err;
+	struct rte_flow_error err = {};
 	int ret;
 
 	attr.egress = 0;
diff --git a/examples/ipsec-secgw/ipsec.c b/examples/ipsec-secgw/ipsec.c
index 2d4a26c962..b66ff2b650 100644
--- a/examples/ipsec-secgw/ipsec.c
+++ b/examples/ipsec-secgw/ipsec.c
@@ -496,7 +496,7 @@  int
 create_ipsec_esp_flow(struct ipsec_sa *sa)
 {
 	int ret = 0;
-	struct rte_flow_error err;
+	struct rte_flow_error err = {};
 	if (sa->direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS) {
 		RTE_LOG(ERR, IPSEC,
 			"No Flow director rule for Egress traffic\n");