[dpdk-dev] [PATCH] kni: fix possible buffer overflow

Stephen Hemminger stephen at networkplumber.org
Thu Jul 11 17:33:35 CEST 2019


On Thu, 11 Jul 2019 13:35:07 +0100
Ferruh Yigit <ferruh.yigit at intel.com> wrote:

> 'kni_net_rx_lo_fifo()' can get segmented buffers, using 'pkt_len' for
> that case will be wrong and some values can cause buffer overflow
> in destination mbuf data.
> 
> Signed-off-by: Ferruh Yigit <ferruh.yigit at intel.com>
> ---
>  kernel/linux/kni/kni_net.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/kernel/linux/kni/kni_net.c b/kernel/linux/kni/kni_net.c
> index ad8365877..84341ac92 100644
> --- a/kernel/linux/kni/kni_net.c
> +++ b/kernel/linux/kni/kni_net.c
> @@ -435,7 +435,7 @@ kni_net_rx_lo_fifo(struct kni_dev *kni)
>  		/* Copy mbufs */
>  		for (i = 0; i < num; i++) {
>  			kva = pa2kva(kni->pa[i]);
> -			len = kva->pkt_len;
> +			len = kva->data_len;
>  			data_kva = kva2data_kva(kva);
>  			kni->va[i] = pa2va(kni->pa[i], kva);
>  

Acked-by: Stephen Hemminger <stephen at networkplumber.org>


More information about the dev mailing list