[dpdk-dev] [PATCH v3] librte_cmdline: FreeBSD Fix oveflow when size of command result structure is greater than BUFSIZ

Thomas Monjalon thomas.monjalon at 6wind.com
Fri Dec 5 16:58:16 CET 2014


> > When using test-pmd with flow director in FreeBSD, the application will
> > segfault/Bus error while parsing the command-line. This is due to how
> > each commands result structure is represented during parsing, where the offsets
> > for each tokens value is stored in a character array(char result_buf[BUFSIZ])
> > in cmdline_parse()(./lib/librte_cmdline/cmdline_parse.c).
> > 
> > The overflow occurs where BUFSIZ is less than the size of a commands result
> > structure, in this case "struct cmd_pkt_filter_result"
> > (app/test-pmd/cmdline.c) is 1088 bytes and BUFSIZ on FreeBSD is 1024 bytes as
> > opposed to 8192 bytes on Linux.
> > 
> > The problem can be reproduced by running test-pmd on FreeBSD:
> > ./testpmd -c 0x3 -n 4 -- -i --portmask=0x3 --pkt-filter-mode=perfect
> > And adding a filter:
> > add_perfect_filter 0 udp src 192.168.0.0 1024 dst 192.168.0.0 1024 flexbytes
> > 0x800 vlan 0 queue 0 soft 0x17
> > 
> > This patch removes the OS dependency on BUFSIZ and defines and uses a
> > library #define CMDLINE_PARSE_RESULT_BUFSIZE 8192
> > 
> > Added boundary checking to ensure this buffer size cannot overflow, with
> > an error message being produced.
> > 
> > Suggested-by: Olivier MATZ <olivier.matz at 6wind.com>
> > http://git.droids-corp.org/?p=libcmdline.git;a=commitdiff;h=b1d5b169352e57df3fc14c51ffad4b83f3e5613f
> > 
> > Signed-off-by: Alan Carew <alan.carew at intel.com>
> > Signed-off-by: Olivier MATZ <olivier.matz at 6wind.com>
> 
> Tested on FreeBSD 10 and this patch fixes the issue described.
> 
> Tested-by: Bruce Richardson <bruce.richardson at intel.com>

Applied

Thank you all
-- 
Thomas


More information about the dev mailing list