[EXTERNAL] [PATCH] event/octeontx: resolve possible integer overflow

Pavan Nikhilesh Bhagavatula pbhagavatula at marvell.com
Fri Oct 18 18:36:27 CEST 2024

Previous message (by thread): [PATCH] event/octeontx: resolve possible integer overflow
Next message (by thread): [PATCH] event/octeontx: resolve possible integer overflow
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> The last argument passed to ssovf_parsekv() is an
> unsigned char*, but it is accessed as an integer.
> This can lead to an integer overflow.
> 
> Hence, make ensure the argument is accessed as a char
> and for better error handling use strtol instead of atoi.
> 
> Signed-off-by: Hanumanth Pothula <hpothula at marvell.com>

Acked-by: Pavan Nikhilesh <pbhagavatula at marvell.com>

> ---
>  drivers/event/octeontx/ssovf_evdev.c | 12 ++++++++++--
>  1 file changed, 10 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/event/octeontx/ssovf_evdev.c
> b/drivers/event/octeontx/ssovf_evdev.c
> index 3a933b1db7..ccb447d33a 100644
> --- a/drivers/event/octeontx/ssovf_evdev.c
> +++ b/drivers/event/octeontx/ssovf_evdev.c
> @@ -719,8 +719,16 @@ ssovf_close(struct rte_eventdev *dev)
>  static int
>  ssovf_parsekv(const char *key __rte_unused, const char *value, void
> *opaque)
>  {
> -	int *flag = opaque;
> -	*flag = !!atoi(value);
> +	uint8_t *flag = (uint8_t *)opaque;
> +	char *end;
> +
> +	errno = 0;
> +	*flag = (uint8_t)strtol(value, &end, 2);
> +	if ((errno != 0) || (value == end)) {
> +		ssovf_log_err("fail to get key val ret:%d err:%d", *flag, errno);
> +		return -EINVAL;
> +	}
> +
>  	return 0;
>  }
> 
> --
> 2.25.1

Previous message (by thread): [PATCH] event/octeontx: resolve possible integer overflow
Next message (by thread): [PATCH] event/octeontx: resolve possible integer overflow
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list