[PATCH v2 13/22] security: replace strtok with reentrant version

Jie Hai haijie1 at huawei.com
Tue Nov 14 09:41:24 CET 2023


Multiple threads calling the same function may cause race
condition issues, which often lead to abnormal behavior and can cause
more serious vulnerabilities such as abnormal termination, denial
of service, and compromised data integrity.

strtok() is non-reentrant; it is better to replace it with a
reentrant version.

Fixes: 259ca6d1617f ("security: add telemetry endpoint for capabilities")
Cc: stable at dpdk.org

Signed-off-by: Jie Hai <haijie1 at huawei.com>
Acked-by: Chengwen Feng <fengchengwen at huawei.com>
---
 lib/security/rte_security.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/security/rte_security.c b/lib/security/rte_security.c
index b082a290296b..51e3a669e6ec 100644
--- a/lib/security/rte_security.c
+++ b/lib/security/rte_security.c
@@ -496,13 +496,14 @@ security_handle_cryptodev_crypto_caps(const char *cmd __rte_unused, const char *
 	int dev_id, capa_id;
 	int crypto_caps_n;
 	char *end_param;
+	char *sp = NULL;
 	int rc;
 
 	if (!params || strlen(params) == 0 || !isdigit(*params))
 		return -EINVAL;
 
 	dev_id = strtoul(params, &end_param, 0);
-	capa_param = strtok(end_param, ",");
+	capa_param = strtok_s(end_param, ",", &sp);
 	if (!capa_param || strlen(capa_param) == 0 || !isdigit(*capa_param))
 		return -EINVAL;
 
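Review bot: the strtok_s() call on the changed line uses the three-argument form (string, delimiter, context pointer), which is the MSVC signature; the C11 Annex K strtok_s() takes four arguments, and glibc provides neither, so this only builds on Linux if a wrapper is defined elsewhere in the series. The diffstat shows two insertions in this file, both visible here, so no include is added for whatever header supplies that wrapper; please confirm rte_security.c already pulls it in, or name the dependency in the commit message. A DPDK-prefixed helper, or strtok_r() with a Windows mapping, would avoid reusing a standard name with a different signature. Separately, end_param comes from strtoul(params, &end_param, 0), so the tokenizer still writes a terminator into the caller's params buffer; worth confirming that buffer is writable and not shared between telemetry threads, since a per-call save pointer does not protect the input string itself.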
-- 
2.30.0


