BUG: AddressSanitizer reports a buffer-overflow on rte_hash_lookup

Isaac Boukris iboukris at gmail.com
Sun Feb 5 17:54:20 CET 2023


Hi,

I managed to reproduce it by modifying the helloworld app (see
attached). The report seems correct, as in the case of a 10-byte key the
code tries to look at the key as a uint32 array and accesses k[2], which
is two bytes over, see:
https://github.com/DPDK/dpdk/blob/0bf5832222971a0154c9150d4a7a4b82ecbc9ddb/lib/hash/rte_jhash.h#L118

$ sudo build/helloworld --iova-mode=pa
EAL: Detected CPU lcores: 8
EAL: Detected NUMA nodes: 1
EAL: Detected static linkage of DPDK
EAL: Multi-process socket /var/run/dpdk/rte/mp_socket
EAL: Selected IOVA mode 'PA'
EAL: VFIO support initialized
EAL: Using IOMMU type 1 (Type 1)
EAL: Ignore mapping IO port bar(3)
EAL: Probe PCI driver: net_vmxnet3 (15ad:7b0) device: 0000:0b:00.0 (socket -1)
=================================================================
==21410==ERROR: AddressSanitizer: global-buffer-overflow on address
0x0000024fe428 at pc 0x000001293b0b bp 0x7fff126ef2d0 sp
0x7fff126ef2c0
READ of size 4 at 0x0000024fe428 thread T0
    #0 0x1293b0a in __rte_jhash_2hashes
(/home/admin/dpdk/share/dpdk/examples/helloworld/build/helloworld-static+0x1293b0a)
    #1 0x12953bf in rte_jhash_2hashes
(/home/admin/dpdk/share/dpdk/examples/helloworld/build/helloworld-static+0x12953bf)
    #2 0x12954c8 in rte_jhash
(/home/admin/dpdk/share/dpdk/examples/helloworld/build/helloworld-static+0x12954c8)
    #3 0x1bd7168 in rte_hash_lookup
(/home/admin/dpdk/share/dpdk/examples/helloworld/build/helloworld-static+0x1bd7168)
    #4 0x1295600 in main
(/home/admin/dpdk/share/dpdk/examples/helloworld/build/helloworld-static+0x1295600)
    #5 0x7fe8fffbbd84 in __libc_start_main (/lib64/libc.so.6+0x3ad84)
    #6 0x129356d in _start
(/home/admin/dpdk/share/dpdk/examples/helloworld/build/helloworld-static+0x129356d)

0x0000024fe42a is located 0 bytes to the right of global variable
'hash_key' defined in 'main.c:34:13' (0x24fe420) of size 10
SUMMARY: AddressSanitizer: global-buffer-overflow
(/home/admin/dpdk/share/dpdk/examples/helloworld/build/helloworld-static+0x1293b0a)
in __rte_jhash_2hashes
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Demo-bug-in-rte_hash_lookup.patch
Type: text/x-patch
Size: 2451 bytes
Desc: not available
URL: <http://mails.dpdk.org/archives/dev/attachments/20230205/95e2cc46/attachment.bin>
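The arithmetic behind the report, with a bounded way to load a key tail, as an added example (not DPDK code and not the attached patch). The function names are hypothetical, the little-endian word layout is an assumption, and the 10-byte key contents are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Bytes an access [addr, addr+n) reaches past object [base, base+size). */
static size_t overrun(uintptr_t base, size_t size, uintptr_t addr, size_t n)
{
    uintptr_t obj_end = base + size, acc_end = addr + n;
    return acc_end > obj_end ? (size_t)(acc_end - obj_end) : 0;
}

/* Over-read when a len-byte tail is fetched as whole uint32 words. */
static size_t wordwise_overread(size_t len)
{
    return (4 - len % 4) % 4;
}

/* Bounded alternative: build up to three little-endian words from exactly
 * len bytes (len <= 12), never touching key[len] or beyond. */
static void load_tail(const uint8_t *key, size_t len, uint32_t w[3])
{
    w[0] = w[1] = w[2] = 0;
    for (size_t i = 0; i < len && i < 12; i++)
        w[i / 4] |= (uint32_t)key[i] << (8 * (i % 4));
}

/* Bounded load of a constructed 10-byte key that sits inside a 12-byte
 * buffer; the two 0xEE bytes stand in for whatever follows the key. */
static uint32_t demo_last_word(void)
{
    const uint8_t buf[12] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 0xEE, 0xEE};
    uint32_t w[3];
    load_tail(buf, 10, w);
    return w[2];                 /* only bytes 8 and 9 contribute */
}

int main(void)
{
    /* Addresses and sizes taken from the AddressSanitizer report above. */
    printf("ASan access overruns hash_key by %zu bytes\n",
           overrun(0x24fe420, 10, 0x24fe428, 4));
    printf("word-wise tail read of a 10-byte key over-reads %zu bytes\n",
           wordwise_overread(10));
    printf("bounded last word: 0x%08x\n", (unsigned)demo_last_word());
    return 0;
}
```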

