app/dumpcap:fix coredump problem because pcap_dump 3th argument is null
Checks
Commit Message
if rte_pktmbuf_read() return NULL, pcap_dump() would coredump.
Signed-off-by: Tianli Lai <laitianli@tom.com>
---
app/dumpcap/main.c | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
Comments
On Fri, 1 Mar 2024 18:41:29 +0800
Tianli Lai <laitianli@tom.com> wrote:
> if rte_pktmbuf_read() return NULL, pcap_dump() would coredump.
>
> Signed-off-by: Tianli Lai <laitianli@tom.com>
Ok, but how is this possible.
header.caplen will be min of (pktlen, 2048)
So in rte_pktmbuf_read()
if (likely (0 + pktlen <= rte_pktmbuf_data_len(m))
return rte_pktmbuf_mtod_offset(m, char *, 0);
Maybe the packet is really big and the packet is multi-segment.
But in that case the code rte_pktmbuf_read should do the consoliation.
Are you sure driver is not generating weird packets?
On Fri, 1 Mar 2024 18:41:29 +0800
Tianli Lai <laitianli@tom.com> wrote:
> if rte_pktmbuf_read() return NULL, pcap_dump() would coredump.
>
> Signed-off-by: Tianli Lai <laitianli@tom.com>
To safely handle jumbo packets, the code here should increase
the size of temp_data, then the RTE_MIN() is not needed either.
See drivers/net/pcap/pcap_ethdev.c
for (i = 0; i < nb_pkts; i++) {
mbuf = bufs[i];
len = caplen = rte_pktmbuf_pkt_len(mbuf);
if (unlikely(!rte_pktmbuf_is_contiguous(mbuf) &&
len > sizeof(temp_data))) {
caplen = sizeof(temp_data);
}
calculate_timestamp(&header.ts);
header.len = len;
header.caplen = caplen;
/* rte_pktmbuf_read() returns a pointer to the data directly
* in the mbuf (when the mbuf is contiguous) or, otherwise,
* a pointer to temp_data after copying into it.
*/
pcap_dump((u_char *)dumper, &header,
rte_pktmbuf_read(mbuf, 0, caplen, temp_data));
@@ -878,6 +878,7 @@ pcap_write_packets(pcap_dumper_t *dumper,
struct pcap_pkthdr header;
uint16_t i;
size_t total = 0;
+ const void *data;
gettimeofday(&header.ts, NULL);
@@ -886,9 +887,12 @@ pcap_write_packets(pcap_dumper_t *dumper,
header.len = rte_pktmbuf_pkt_len(m);
header.caplen = RTE_MIN(header.len, sizeof(temp_data));
-
- pcap_dump((u_char *)dumper, &header,
- rte_pktmbuf_read(m, 0, header.caplen, temp_data));
+ data = rte_pktmbuf_read(m, 0, header.caplen, temp_data);
+ if (!data) {
+ rte_pktmbuf_free(m);
+ continue;
+ }
+ pcap_dump((u_char *)dumper, &header, data);
total += sizeof(header) + header.len;
}