[dpdk-dev] [PATCH] vhost: avoid buffer overflow in update_secure_len

Rich Lane rich.lane at bigswitch.com
Wed Nov 18 06:26:57 CET 2015


On Tue, Nov 17, 2015 at 6:56 PM, Yuanhan Liu <yuanhan.liu at linux.intel.com>
wrote:

> @@ -519,6 +526,8 @@ virtio_dev_merge_rx(struct virtio_net *dev, uint16_t
> queue_id,
>                                         goto merge_rx_exit;
>                                 } else {
>                                         update_secure_len(vq, res_cur_idx,
> &secure_len, &vec_idx);
> +                                       if (secure_len == 0)
> +                                               goto merge_rx_exit;
>                                         res_cur_idx++;
>                                 }
>                         } while (pkt_len > secure_len);
>
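
Review bot: the added `secure_len == 0` test after the update_secure_len() call can only catch a failed reservation on the first pass of the do/while loop. secure_len is passed by pointer and the loop condition `pkt_len > secure_len` shows it accumulating across iterations, so on a later pass it is already nonzero when the call adds nothing, the check is skipped, and res_cur_idx is still incremented. Suggest saving secure_len before the call and going to merge_rx_exit when it comes back unchanged, or having update_secure_len() return whether it reserved anything. A one-line comment on why the early exit is needed would also help.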

I think this needs to check whether secure_len was modified. secure_len is
read-write and could have a nonzero value going into the call. It could be
cleaner to give update_secure_len a return value saying whether it was able
to reserve any buffers.

Otherwise looks good, thanks!

