diff mbox series

ipc: handle more invalid parameter cases

Message ID	6b8908ab3f0d662c803dba10eba2cae989f8ef4f.1556546216.git.anatoly.burakov@intel.com (mailing list archive)
State	Accepted, archived
Headers	From: Anatoly Burakov <anatoly.burakov@intel.com> To: dev@dpdk.org Cc: keith.wiles@intel.com, herakliusz.lipiec@intel.com, stable@dpdk.org Date: Mon, 29 Apr 2019 14:59:28 +0100 Message-Id: <6b8908ab3f0d662c803dba10eba2cae989f8ef4f.1556546216.git.anatoly.burakov@intel.com> Subject: [dpdk-dev] [PATCH] ipc: handle more invalid parameter cases Precedence: list Errors-To: dev-bounces@dpdk.org Sender: "dev" <dev-bounces@dpdk.org>
Series	ipc: handle more invalid parameter cases \| ipc: handle more invalid parameter cases

Checks

Context	Check	Description
ci/checkpatch	success	coding style OK
ci/Intel-compilation	success	Compilation OK
ci/mellanox-Performance-Testing	success	Performance Testing PASS
ci/intel-Performance-Testing	success	Performance Testing PASS

Commit Message

Anatoly Burakov April 29, 2019, 1:59 p.m. UTC

  Length of buffer and number of fd's to send are signed values, so
they can be negative, but the API doesn't check for that. Fix it
by checking for negative values as well.

Fixes: bacaa2754017 ("eal: add channel for multi-process communication")
Cc: stable@dpdk.org

Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
---
 lib/librte_eal/common/eal_common_proc.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

Comments

Thomas Monjalon May 3, 2019, 3:07 p.m. UTC | #1

29/04/2019 15:59, Anatoly Burakov:
> Length of buffer and number of fd's to send are signed values, so
> they can be negative, but the API doesn't check for that. Fix it
> by checking for negative values as well.
> 
> Fixes: bacaa2754017 ("eal: add channel for multi-process communication")
> Cc: stable@dpdk.org
> 
> Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>

Applied, thanks

diff mbox series

Patch

diff --git a/lib/librte_eal/common/eal_common_proc.c b/lib/librte_eal/common/eal_common_proc.c
index b46d644b3..42df2b3bf 100644
--- a/lib/librte_eal/common/eal_common_proc.c
+++ b/lib/librte_eal/common/eal_common_proc.c
@@ -758,6 +758,18 @@  check_input(const struct rte_mp_msg *msg)
 	if (validate_action_name(msg->name))
 		return false;
 
+	if (msg->len_param < 0) {
+		RTE_LOG(ERR, EAL, "Message data length is negative\n");
+		rte_errno = EINVAL;
+		return false;
+	}
+
+	if (msg->num_fds < 0) {
+		RTE_LOG(ERR, EAL, "Number of fd's is negative\n");
+		rte_errno = EINVAL;
+		return false;
+	}
+
 	if (msg->len_param > RTE_MP_MAX_PARAM_LEN) {
 		RTE_LOG(ERR, EAL, "Message data is too long\n");
 		rte_errno = E2BIG;