[dpdk-stable] patch 'net/softnic: fix possible buffer overflow' has been queued to LTS release 18.11.2

Kevin Traynor ktraynor at redhat.com
Wed Apr 10 18:43:46 CEST 2019

Previous message: [dpdk-stable] patch 'crypto/virtio: use local log type' has been queued to LTS release 18.11.2
Next message: [dpdk-stable] patch 'drivers/net: fix shifting 32-bit signed variable 31 times' has been queued to LTS release 18.11.2
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

FYI, your patch has been queued to LTS release 18.11.2

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 04/16/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From 111ed81e6a13a08afeb2464034ae080dfc8e2e74 Mon Sep 17 00:00:00 2001
From: Pallantla Poornima <pallantlax.poornima at intel.com>
Date: Mon, 4 Feb 2019 07:23:48 +0000
Subject: [PATCH] net/softnic: fix possible buffer overflow

[ upstream commit fef6b216390f33c066ea15e9de7845dfc3ab6d6a ]

sprintf function is not secure as it doesn't check the length of string.
More secure function snprintf is used.

Fixes: daabf2fb949b ("net/softnic: map flow action to table action")

Signed-off-by: Pallantla Poornima <pallantlax.poornima at intel.com>
Reviewed-by: Ferruh Yigit <ferruh.yigit at intel.com>
---
 drivers/net/softnic/rte_eth_softnic_flow.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/drivers/net/softnic/rte_eth_softnic_flow.c b/drivers/net/softnic/rte_eth_softnic_flow.c
index 21e753001..aefc384dc 100644
--- a/drivers/net/softnic/rte_eth_softnic_flow.c
+++ b/drivers/net/softnic/rte_eth_softnic_flow.c
@@ -1284,5 +1284,6 @@ flow_rule_action_get(struct pmd_internals *softnic,
 					"QUEUE: Invalid RX queue ID");
 
-			sprintf(name, "RXQ%u", (uint32_t)conf->index);
+			snprintf(name, sizeof(name), "RXQ%u",
+					(uint32_t)conf->index);
 
 			status = softnic_pipeline_port_out_find(softnic,
@@ -1374,5 +1375,5 @@ flow_rule_action_get(struct pmd_internals *softnic,
 						"RSS: Invalid RX queue ID");
 
-				sprintf(name, "RXQ%u",
+				snprintf(name, sizeof(name), "RXQ%u",
 					(uint32_t)conf->queue[i]);
 
-- 
2.20.1

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-04-10 14:06:10.788597868 +0100
+++ 0038-net-softnic-fix-possible-buffer-overflow.patch	2019-04-10 14:06:07.931292710 +0100
@@ -1,13 +1,14 @@
-From fef6b216390f33c066ea15e9de7845dfc3ab6d6a Mon Sep 17 00:00:00 2001
+From 111ed81e6a13a08afeb2464034ae080dfc8e2e74 Mon Sep 17 00:00:00 2001
 From: Pallantla Poornima <pallantlax.poornima at intel.com>
 Date: Mon, 4 Feb 2019 07:23:48 +0000
 Subject: [PATCH] net/softnic: fix possible buffer overflow
 
+[ upstream commit fef6b216390f33c066ea15e9de7845dfc3ab6d6a ]
+
 sprintf function is not secure as it doesn't check the length of string.
 More secure function snprintf is used.
 
 Fixes: daabf2fb949b ("net/softnic: map flow action to table action")
-Cc: stable at dpdk.org
 
 Signed-off-by: Pallantla Poornima <pallantlax.poornima at intel.com>
 Reviewed-by: Ferruh Yigit <ferruh.yigit at intel.com>

Previous message: [dpdk-stable] patch 'crypto/virtio: use local log type' has been queued to LTS release 18.11.2
Next message: [dpdk-stable] patch 'drivers/net: fix shifting 32-bit signed variable 31 times' has been queued to LTS release 18.11.2
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the stable mailing list