|SUCCESS| pw159227 [PATCH v5 16/17] vhost: check for overflow in xstat name

0-day Robot robot at bytheb.org
Tue Dec 16 17:12:33 CET 2025

Previous message (by thread): |SUCCESS| pw159227 [PATCH v5 16/17] vhost: check for overflow in xstat name
Next message (by thread): |SUCCESS| pw159226 [PATCH v5 15/17] ethdev: avoid possible overflow in xstat names
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Test-Label: 0day Robot - Claude SONNET
Test-Status: SUCCESS
http://dpdk.org/patch/159227

_AI Review Comments Available_

Git SHA: Not provided in patch
Author: Stephen Hemminger <stephen at networkplumber.org>
Subject: vhost: check for overflow in xstat name

This patch adds overflow checking to the xstat name formatting in the
vhost library by capturing the return value of snprintf and logging a
warning if the formatted string is truncated.

> diff --git a/lib/vhost/vhost.c b/lib/vhost/vhost.c
> index 416f082dca..540f4e0635 100644
> --- a/lib/vhost/vhost.c
> +++ b/lib/vhost/vhost.c
> @@ -2200,6 +2200,7 @@ rte_vhost_vring_stats_get_names(int vid, uint16_t queue_id,
>  {
>  	struct virtio_net *dev = get_device(vid);
>  	unsigned int i;
> +	int ret;
>  
>  	if (dev == NULL)
>  		return -1;
> @@ -2213,10 +2214,15 @@ rte_vhost_vring_stats_get_names(int vid, uint16_t queue_id,
>  	if (name == NULL || size < VHOST_NB_VQ_STATS)
>  		return VHOST_NB_VQ_STATS;
>  
> -	for (i = 0; i < VHOST_NB_VQ_STATS; i++)
> -		snprintf(name[i].name, sizeof(name[i].name), "%s_q%u_%s",
> -				(queue_id & 1) ? "rx" : "tx",
> -				queue_id / 2, vhost_vq_stat_strings[i].name);
> +	for (i = 0; i < VHOST_NB_VQ_STATS; i++) {
> +		ret = snprintf(name[i].name, sizeof(name[i].name), "%s_q%u_%s",
> +			       (queue_id & 1) ? "rx" : "tx",
> +			       queue_id / 2, vhost_vq_stat_strings[i].name);
> +		if (ret >= (int)sizeof(name[0].name))
> +			VHOST_CONFIG_LOG("device", NOTICE, "truncated xstat '%s_q%u_%s'",
> +					 (queue_id & 1) ? "rx" : "tx",
> +					 queue_id / 2, vhost_vq_stat_strings[i].name);
> +	}

Should the function return an error code when truncation occurs? The
current implementation logs the truncation but continues processing,
potentially leading to duplicate or ambiguous xstat names if multiple
entries are truncated to the same length.

Also, does the comparison use the correct array element for the size
check? The code uses sizeof(name[0].name) in the overflow check but
formats into name[i].name in the snprintf call.

Previous message (by thread): |SUCCESS| pw159227 [PATCH v5 16/17] vhost: check for overflow in xstat name
Next message (by thread): |SUCCESS| pw159226 [PATCH v5 15/17] ethdev: avoid possible overflow in xstat names
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the test-report mailing list