[PATCH v2 2/2] examples/l3fwd: fix read beyond array boundaries in ACL mode

[Stephen Hemminger]

On Tue, 30 Jul 2024 13:22:35 +0100
Konstantin Ananyev <konstantin.v.ananyev at yandex.ru> wrote:

> From: Konstantin Ananyev <konstantin.ananyev at huawei.com>
> 
> With commit: ACL mode now can use send_packets_multi().
> What I missed with that changes: send_packets_multi() can't deal
> properly with input dst_port[i] == BAD_PORT (though it can set
> it itself), as it uses dst_port[i] values to read L2 addresses for the port
> and assumes dst_port[] to contain valid only values.
> To fix that just add a check that all dst_port[] entries are valid before
> calling : send_packets_multi(). Otherwhise  use  send_packets_single().
> An alternative, and probably more logical approach would be to
> re-arrange send_packets_multi() so that it updates L2 packet headers
> at the very last state - when dst_port[] are finialized.
> But that would affect all other modes, but that would affect all other
> modes and will require much more code changes and testing.
> 
> Bugzilla ID: 1502
> Fixes: aa7c6077c19b ("examples/l3fwd: avoid packets reorder in ACL mode")
> 
> Reported-by: Song Jiale <songx.jiale at intel.com>
> Signed-off-by: Konstantin Ananyev <konstantin.ananyev at huawei.com>

Please fix spelling errors in this version.


WARNING:TYPO_SPELLING: 'Otherwhise' may be misspelled - perhaps 'Otherwise'?
#71: 
calling : send_packets_multi(). Otherwhise  use  send_packets_single().

WARNING:TYPO_SPELLING: 'deined' may be misspelled - perhaps 'denied'?
#121: FILE: examples/l3fwd/l3fwd_acl.c:1042:
+			/* bad or deined by ACL rule packets */