[PATCH] examples/l3fwd: resolve stack buffer overflow issue

[Ananyev, Konstantin]

> This patch fixes the stack buffer overflow error reported
> from AddressSanitizer.
> Function send_packetsx4() tries to access out of bound data
> from rte_mbuf and fill it into TX buffer even in the case
> where no pending packets (len = 0).
> Performance impact:- No
> 
> ASAN error report:-
> ==819==ERROR: AddressSanitizer: stack-buffer-overflow on address
> 0xffffe2c0dcf0 at pc 0x0000005e791c bp 0xffffe2c0d7e0 sp 0xffffe2c0d800
> READ of size 8 at 0xffffe2c0dcf0 thread T0
>  #0 0x5e7918 in send_packetsx4 ../examples/l3fwd/l3fwd_common.h:251
>  #1 0x5e7918 in send_packets_multi ../examples/l3fwd/l3fwd_neon.h:226
> 
> Signed-off-by: Rahul Bhansali <rbhansali at marvell.com>
> ---
>  examples/l3fwd/l3fwd_common.h | 4 ++++
>  1 file changed, 4 insertions(+)
> 
> diff --git a/examples/l3fwd/l3fwd_common.h b/examples/l3fwd/l3fwd_common.h
> index 7d83ff641a..de77711f88 100644
> --- a/examples/l3fwd/l3fwd_common.h
> +++ b/examples/l3fwd/l3fwd_common.h
> @@ -236,6 +236,9 @@ send_packetsx4(struct lcore_conf *qconf, uint16_t port, struct rte_mbuf *m[],
> 
>  		/* copy rest of the packets into the TX buffer. */
>  		len = num - n;
> +		if (len == 0)
> +			goto exit;
> +
>  		j = 0;
>  		switch (len % FWDSTEP) {
>  		while (j < len) {
> @@ -258,6 +261,7 @@ send_packetsx4(struct lcore_conf *qconf, uint16_t port, struct rte_mbuf *m[],
>  		}
>  	}
> 
> +exit:
>  	qconf->tx_mbufs[port].len = len;
>  }
> 
> --

Acked-by: Konstantin Ananyev <konstantin.ananyev at intel.com>

> 2.25.1