[dpdk-stable] patch 'net/igb: fix memcpy length' has been queued to LTS release 16.11.4
luca.boccassi at gmail.com
luca.boccassi at gmail.com
Mon Oct 30 16:34:25 CET 2017
Hi,
FYI, your patch has been queued to LTS release 16.11.4
Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 11/01/17. So please
shout if anyone has objections.
Thanks.
Kind regards,
Luca Boccassi
---
>From 664e5db471ca1fb9ccf51f23ee33ae4adc1492bf Mon Sep 17 00:00:00 2001
From: Yong Wang <wang.yong19 at zte.com.cn>
Date: Tue, 12 Sep 2017 08:44:00 -0400
Subject: [PATCH] net/igb: fix memcpy length
[ upstream commit 671f8776871d2e46c0619c743a82b2f6f6ce58ec ]
The size of "flex_filter.filter_info.mask" and "filter->mask" are 16
bytes, but the length of memcpy--"RTE_ALIGN(filter->len, sizeof(char))
/ sizeof(char)" may reach 128 bytes which may cause array access out
of bound.
Fix it by replacing "sizeof(char)" by "CHAR_BIT".
Fixes: 231d43909a31 ("igb: migrate flex filter to new API")
Signed-off-by: Yong Wang <wang.yong19 at zte.com.cn>
Reviewed-by: Ferruh Yigit <ferruh.yigit at intel.com>
---
drivers/net/e1000/igb_ethdev.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/net/e1000/igb_ethdev.c b/drivers/net/e1000/igb_ethdev.c
index 9cf619faf..d16be9e1b 100644
--- a/drivers/net/e1000/igb_ethdev.c
+++ b/drivers/net/e1000/igb_ethdev.c
@@ -3839,7 +3839,7 @@ eth_igb_get_flex_filter(struct rte_eth_dev *dev,
flex_filter.filter_info.priority = filter->priority;
memcpy(flex_filter.filter_info.dwords, filter->bytes, filter->len);
memcpy(flex_filter.filter_info.mask, filter->mask,
- RTE_ALIGN(filter->len, sizeof(char)) / sizeof(char));
+ RTE_ALIGN(filter->len, CHAR_BIT) / CHAR_BIT);
it = eth_igb_flex_filter_lookup(&filter_info->flex_list,
&flex_filter.filter_info);
--
2.11.0
More information about the stable
mailing list