patch 'net/iavf: fix potential out-of-bounds access' has been queued to stable release 20.11.5

luca.boccassi at gmail.com luca.boccassi at gmail.com
Wed Mar 9 17:30:52 CET 2022

Previous message (by thread): patch 'net/mlx5: fix MPLS/GRE Verbs spec ordering' has been queued to stable release 20.11.5
Next message (by thread): [PATCH v2] net/mlx5: fix CPU socket ID for Rx queue creation
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

FYI, your patch has been queued to stable release 20.11.5

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 03/11/22. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Queued patches are on a temporary branch at:
https://github.com/bluca/dpdk-stable

This queued commit can be viewed at:
https://github.com/bluca/dpdk-stable/commit/0c41b6164a61495b57976c5b26f240785e7eebc4

Thanks.

Luca Boccassi

---
>From 0c41b6164a61495b57976c5b26f240785e7eebc4 Mon Sep 17 00:00:00 2001
From: Leyi Rong <leyi.rong at intel.com>
Date: Tue, 8 Mar 2022 13:56:17 +0800
Subject: [PATCH] net/iavf: fix potential out-of-bounds access

[ upstream commit d78d21b983f215d1425422f955cbd934e48360d3 ]

Fix potential out-of-bounds access as overrunning callee's array of
size 26 by passing argument rxq->rxdid(which evaluates to 63) in call
to iavf_rx_scan_hw_ring_flex_rxd.

Coverity issue: 376616
Fixes: 0ed16e01313e ("net/iavf: fix function pointer in multi-process")

Signed-off-by: Leyi Rong <leyi.rong at intel.com>
Reviewed-by: Ferruh Yigit <ferruh.yigit at intel.com>
---
 drivers/net/iavf/iavf_rxtx.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/net/iavf/iavf_rxtx.c b/drivers/net/iavf/iavf_rxtx.c
index 6243199f2a..c8fa912b99 100644
--- a/drivers/net/iavf/iavf_rxtx.c
+++ b/drivers/net/iavf/iavf_rxtx.c
@@ -440,7 +440,7 @@ iavf_rxd_to_pkt_fields_by_comms_aux_v2(struct iavf_rx_queue *rxq,
 }
 
 static const
-iavf_rxd_to_pkt_fields_t rxd_to_pkt_fields_ops[] = {
+iavf_rxd_to_pkt_fields_t rxd_to_pkt_fields_ops[IAVF_RXDID_LAST + 1] = {
 	[IAVF_RXDID_COMMS_AUX_VLAN] = iavf_rxd_to_pkt_fields_by_comms_aux_v1,
 	[IAVF_RXDID_COMMS_AUX_IPV4] = iavf_rxd_to_pkt_fields_by_comms_aux_v1,
 	[IAVF_RXDID_COMMS_AUX_IPV6] = iavf_rxd_to_pkt_fields_by_comms_aux_v1,
-- 
2.30.2

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2022-03-09 16:30:09.863355704 +0000
+++ 0036-net-iavf-fix-potential-out-of-bounds-access.patch	2022-03-09 16:30:08.607026496 +0000
@@ -1 +1 @@
-From d78d21b983f215d1425422f955cbd934e48360d3 Mon Sep 17 00:00:00 2001
+From 0c41b6164a61495b57976c5b26f240785e7eebc4 Mon Sep 17 00:00:00 2001
@@ -5,0 +6,2 @@
+[ upstream commit d78d21b983f215d1425422f955cbd934e48360d3 ]
+
@@ -12 +13,0 @@
-Cc: stable at dpdk.org
@@ -21 +22 @@
-index cb779879cb..16e8d021f9 100644
+index 6243199f2a..c8fa912b99 100644
@@ -24 +25 @@
-@@ -476,7 +476,7 @@ iavf_rxd_to_pkt_fields_by_comms_aux_v2(struct iavf_rx_queue *rxq,
+@@ -440,7 +440,7 @@ iavf_rxd_to_pkt_fields_by_comms_aux_v2(struct iavf_rx_queue *rxq,

Previous message (by thread): patch 'net/mlx5: fix MPLS/GRE Verbs spec ordering' has been queued to stable release 20.11.5
Next message (by thread): [PATCH v2] net/mlx5: fix CPU socket ID for Rx queue creation
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the stable mailing list