|SUCCESS| pw159221 eal: add check for sysfs path overflow

0-day Robot robot at bytheb.org
Tue Dec 16 17:12:19 CET 2025

Previous message (by thread): |SUCCESS| pw169219 [PATCH v5 08/17] eal: warn if thread name is truncated
Next message (by thread): |SUCCESS| pw159326-159330 [PATCH v2 5/5] bpf: fix BPF validation w/ conditional jump first
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Test-Label: 0day Robot - Claude SONNET
Test-Status: SUCCESS
http://dpdk.org/patch/159221

_AI Review Comments Available_

git sha: [not available from patch]
Author: Stephen Hemminger <stephen at networkplumber.org>
Subject: eal: add check for sysfs path overflow

This patch adds a check for potential buffer overflow when constructing
sysfs paths in get_num_hugepages_on_node() function.

> diff --git a/lib/eal/linux/eal_hugepage_info.c b/lib/eal/linux/eal_hugepage_info.c
> index 7161b1a2fb..fe3351259e 100644
> --- a/lib/eal/linux/eal_hugepage_info.c
> +++ b/lib/eal/linux/eal_hugepage_info.c
> @@ -150,8 +150,12 @@ get_num_hugepages_on_node(const char *subdir, unsigned int socket, size_t sz)
>  		return 0;
>  	}
>  
> -	snprintf(path, sizeof(path), "%s/%s/%s",
> +	if (snprintf(path, sizeof(path), "%s/%s/%s", socketpath, subdir, nr_hp_file) >= PATH_MAX) {
> +		EAL_LOG(NOTICE, "Socket path %s/%s/%s is truncated",
>  			socketpath, subdir, nr_hp_file);
> +		return 0;
> +	}
> +

Does this comparison use the correct buffer size? The code compares 
snprintf return value against PATH_MAX, but the actual buffer size is 
sizeof(path). If the path variable is not PATH_MAX bytes, this could 
either miss truncation or incorrectly flag valid paths.

Previous message (by thread): |SUCCESS| pw169219 [PATCH v5 08/17] eal: warn if thread name is truncated
Next message (by thread): |SUCCESS| pw159326-159330 [PATCH v2 5/5] bpf: fix BPF validation w/ conditional jump first
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the test-report mailing list