[dpdk-dev] net/e1000: fix out of bounds access
Checks
Commit Message
Fix wrong structure type used as argument
in memset() call.
Coverity issue: 147223
Coverity issue: 147227
Fixes: a8600af43738 ("net/igb: parse flow API ethertype filter")
Fixes: 22bb13410cb2 ("net/igb: create consistent filter")
Cc: stable@dpdk.org
Signed-off-by: Kuba Kozak <kubax.kozak@intel.com>
---
drivers/net/e1000/igb_flow.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
Comments
Hi Kuba,
> -----Original Message-----
> From: Kozak, KubaX
> Sent: Tuesday, July 25, 2017 8:19 AM
> To: Lu, Wenzhuo <wenzhuo.lu@intel.com>
> Cc: dev@dpdk.org; Jain, Deepak K <deepak.k.jain@intel.com>; Jastrzebski,
> MichalX K <michalx.k.jastrzebski@intel.com>; Kozak, KubaX
> <kubax.kozak@intel.com>; stable@dpdk.org
> Subject: [PATCH] net/e1000: fix out of bounds access
>
> Fix wrong structure type used as argument in memset() call.
>
> Coverity issue: 147223
> Coverity issue: 147227
I'm not sure what's this "coverity issue" mean. Maybe we can remove it?
Except that, Acked-by: Wenzhuo Lu <wenzhuo.lu@intel.com>
> Fixes: a8600af43738 ("net/igb: parse flow API ethertype filter")
> Fixes: 22bb13410cb2 ("net/igb: create consistent filter")
> Cc: stable@dpdk.org
>
> Signed-off-by: Kuba Kozak <kubax.kozak@intel.com>
> -----Original Message-----
> From: Lu, Wenzhuo
> Sent: Tuesday, July 25, 2017 3:25 PM
> To: Kozak, KubaX <kubax.kozak@intel.com>
> Cc: dev@dpdk.org; Jain, Deepak K <deepak.k.jain@intel.com>; Jastrzebski,
> MichalX K <michalx.k.jastrzebski@intel.com>; stable@dpdk.org
> Subject: RE: [PATCH] net/e1000: fix out of bounds access
>
> Hi Kuba,
>
> > -----Original Message-----
> > From: Kozak, KubaX
> > Sent: Tuesday, July 25, 2017 8:19 AM
> > To: Lu, Wenzhuo <wenzhuo.lu@intel.com>
> > Cc: dev@dpdk.org; Jain, Deepak K <deepak.k.jain@intel.com>; Jastrzebski,
> > MichalX K <michalx.k.jastrzebski@intel.com>; Kozak, KubaX
> > <kubax.kozak@intel.com>; stable@dpdk.org
> > Subject: [PATCH] net/e1000: fix out of bounds access
> >
> > Fix wrong structure type used as argument in memset() call.
> >
> > Coverity issue: 147223
> > Coverity issue: 147227
> I'm not sure what's this "coverity issue" mean. Maybe we can remove it?
Hi Wenzhuo,
these are Coverity issue ID numbers - as this is an issue reported by
The Coverity Scan tool (a tool for static code analysis).
So the line " Coverity issue: 147223" means this patch will fix a defect reported by
The Coverity Scan tool under the number 147223.
Best regards
Michal.
> Except that, Acked-by: Wenzhuo Lu <wenzhuo.lu@intel.com>
>
> > Fixes: a8600af43738 ("net/igb: parse flow API ethertype filter")
> > Fixes: 22bb13410cb2 ("net/igb: create consistent filter")
> > Cc: stable@dpdk.org
> >
> > Signed-off-by: Kuba Kozak <kubax.kozak@intel.com>
Hi Michal,
> -----Original Message-----
> From: Jastrzebski, MichalX K
> Sent: Tuesday, July 25, 2017 9:36 AM
> To: Lu, Wenzhuo <wenzhuo.lu@intel.com>; Kozak, KubaX
> <kubax.kozak@intel.com>
> Cc: dev@dpdk.org; Jain, Deepak K <deepak.k.jain@intel.com>;
> stable@dpdk.org
> Subject: RE: [PATCH] net/e1000: fix out of bounds access
>
> > -----Original Message-----
> > From: Lu, Wenzhuo
> > Sent: Tuesday, July 25, 2017 3:25 PM
> > To: Kozak, KubaX <kubax.kozak@intel.com>
> > Cc: dev@dpdk.org; Jain, Deepak K <deepak.k.jain@intel.com>;
> > Jastrzebski, MichalX K <michalx.k.jastrzebski@intel.com>;
> > stable@dpdk.org
> > Subject: RE: [PATCH] net/e1000: fix out of bounds access
> >
> > Hi Kuba,
> >
> > > -----Original Message-----
> > > From: Kozak, KubaX
> > > Sent: Tuesday, July 25, 2017 8:19 AM
> > > To: Lu, Wenzhuo <wenzhuo.lu@intel.com>
> > > Cc: dev@dpdk.org; Jain, Deepak K <deepak.k.jain@intel.com>;
> > > Jastrzebski, MichalX K <michalx.k.jastrzebski@intel.com>; Kozak,
> > > KubaX <kubax.kozak@intel.com>; stable@dpdk.org
> > > Subject: [PATCH] net/e1000: fix out of bounds access
> > >
> > > Fix wrong structure type used as argument in memset() call.
> > >
> > > Coverity issue: 147223
> > > Coverity issue: 147227
> > I'm not sure what's this "coverity issue" mean. Maybe we can remove it?
>
> Hi Wenzhuo,
> these are Coverity issue ID numbers - as this is an issue reported by The
> Coverity Scan tool (a tool for static code analysis).
> So the line " Coverity issue: 147223" means this patch will fix a defect
> reported by The Coverity Scan tool under the number 147223.
Got it. Thanks for that :)
>
> Best regards
> Michal.
>
> > Except that, Acked-by: Wenzhuo Lu <wenzhuo.lu@intel.com>
> >
> > > Fixes: a8600af43738 ("net/igb: parse flow API ethertype filter")
> > > Fixes: 22bb13410cb2 ("net/igb: create consistent filter")
> > > Cc: stable@dpdk.org
> > >
> > > Signed-off-by: Kuba Kozak <kubax.kozak@intel.com>
On 7/25/2017 2:24 PM, Lu, Wenzhuo wrote:
> Hi Kuba,
>
>> -----Original Message-----
>> From: Kozak, KubaX
>> Sent: Tuesday, July 25, 2017 8:19 AM
>> To: Lu, Wenzhuo <wenzhuo.lu@intel.com>
>> Cc: dev@dpdk.org; Jain, Deepak K <deepak.k.jain@intel.com>; Jastrzebski,
>> MichalX K <michalx.k.jastrzebski@intel.com>; Kozak, KubaX
>> <kubax.kozak@intel.com>; stable@dpdk.org
>> Subject: [PATCH] net/e1000: fix out of bounds access
>>
>> Fix wrong structure type used as argument in memset() call.
>>
>> Coverity issue: 147223
>> Coverity issue: 147227
> I'm not sure what's this "coverity issue" mean. Maybe we can remove it?
> Except that, Acked-by: Wenzhuo Lu <wenzhuo.lu@intel.com>
>
>> Fixes: a8600af43738 ("net/igb: parse flow API ethertype filter")
>> Fixes: 22bb13410cb2 ("net/igb: create consistent filter")
>> Cc: stable@dpdk.org
>>
>> Signed-off-by: Kuba Kozak <kubax.kozak@intel.com>
Acked-by: Wenzhuo Lu <wenzhuo.lu@intel.com>
Applied to dpdk-next-net/master, thanks.
@@ -694,7 +694,8 @@ igb_parse_ethertype_filter(struct rte_eth_dev *dev,
if (hw->mac.type == e1000_82576) {
if (filter->queue >= IGB_MAX_RX_QUEUE_NUM_82576) {
- memset(filter, 0, sizeof(struct rte_eth_ntuple_filter));
+ memset(filter, 0, sizeof(
+ struct rte_eth_ethertype_filter));
rte_flow_error_set(error, EINVAL,
RTE_FLOW_ERROR_TYPE_ITEM,
NULL, "queue number not supported "
@@ -703,7 +704,8 @@ igb_parse_ethertype_filter(struct rte_eth_dev *dev,
}
} else {
if (filter->queue >= IGB_MAX_RX_QUEUE_NUM) {
- memset(filter, 0, sizeof(struct rte_eth_ntuple_filter));
+ memset(filter, 0, sizeof(
+ struct rte_eth_ethertype_filter));
rte_flow_error_set(error, EINVAL,
RTE_FLOW_ERROR_TYPE_ITEM,
NULL, "queue number not supported "