d/numam-dpdk
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

cmdline: fix overflow on bsd

Browse Source 
When using test-pmd with flow director in FreeBSD, the application will
segfault/Bus error while parsing the command-line. This is due to how
each commands result structure is represented during parsing, where the offsets
for each tokens value is stored in a character array(char result_buf[BUFSIZ])
in cmdline_parse()(./lib/librte_cmdline/cmdline_parse.c).

The overflow occurs where BUFSIZ is less than the size of a commands result
structure, in this case "struct cmd_pkt_filter_result"
(app/test-pmd/cmdline.c) is 1088 bytes and BUFSIZ on FreeBSD is 1024 bytes as
opposed to 8192 bytes on Linux.

The problem can be reproduced by running test-pmd on FreeBSD:
./testpmd -c 0x3 -n 4 -- -i --portmask=0x3 --pkt-filter-mode=perfect
And adding a filter:
add_perfect_filter 0 udp src 192.168.0.0 1024 dst 192.168.0.0 1024 flexbytes
0x800 vlan 0 queue 0 soft 0x17

This patch removes the OS dependency on BUFSIZ and defines and uses a
library #define CMDLINE_PARSE_RESULT_BUFSIZE 8192

Added boundary checking to ensure this buffer size cannot overflow, with
an error message being produced.

Suggested-by: Olivier Matz <olivier.matz@6wind.com>
http://git.droids-corp.org/?p=libcmdline.git;a=commitdiff;h=b1d5b169352e57df3fc14c51ffad4b83f3e5613f

Signed-off-by: Alan Carew <alan.carew@intel.com>
Signed-off-by: Olivier Matz <olivier.matz@6wind.com>
Tested-by: Bruce Richardson <bruce.richardson@intel.com>
This commit is contained in:
Alan Carew 2014-12-05 15:19:07 +01:00 committed by Thomas Monjalon
parent 29d03f7aa3
commit aaa662e75c
22 changed files with 168 additions and 76 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
app/test-pmd/parameters.c
View File

@ -223,7 +223,8 @@ init_peer_eth_addrs(char *config_filename)
if (fgets(buf, sizeof(buf), config_file) == NULL)
break;
if (cmdline_parse_etheraddr(NULL, buf, &peer_eth_addrs[i]) < 0 ){
if (cmdline_parse_etheraddr(NULL, buf, &peer_eth_addrs[i],
sizeof(peer_eth_addrs[i])) < 0) {
printf("Bad MAC address format on line %d\n", i+1);
fclose(config_file);
return -1;
@ -658,7 +659,8 @@ launch_args_parse(int argc, char** argv)
"eth-peer: port %d >= RTE_MAX_ETHPORTS(%d)\n",
n, RTE_MAX_ETHPORTS);
if (cmdline_parse_etheraddr(NULL, port_end, &peer_addr) < 0 )
if (cmdline_parse_etheraddr(NULL, port_end,
&peer_addr, sizeof(peer_addr)) < 0)
rte_exit(EXIT_FAILURE,
"Invalid ethernet address: %s\n",
port_end);

13
app/test/test_cmdline_etheraddr.c
View File

@ -130,14 +130,15 @@ test_parse_etheraddr_invalid_param(void)
int ret = 0;
/* try all null */
ret = cmdline_parse_etheraddr(NULL, NULL, NULL);
ret = cmdline_parse_etheraddr(NULL, NULL, NULL, 0);
if (ret != -1) {
printf("Error: parser accepted null parameters!\n");
return -1;
}
/* try null buf */
ret = cmdline_parse_etheraddr(NULL, NULL, (void*)&result);
ret = cmdline_parse_etheraddr(NULL, NULL, (void*)&result,
sizeof(result));
if (ret != -1) {
printf("Error: parser accepted null string!\n");
return -1;
@ -149,7 +150,7 @@ test_parse_etheraddr_invalid_param(void)
snprintf(buf, sizeof(buf), "%s",
ether_addr_valid_strs[0].str);
ret = cmdline_parse_etheraddr(NULL, buf, NULL);
ret = cmdline_parse_etheraddr(NULL, buf, NULL, 0);
if (ret == -1) {
printf("Error: parser rejected null result!\n");
return -1;
@ -185,7 +186,7 @@ test_parse_etheraddr_invalid_data(void)
memset(&result, 0, sizeof(struct ether_addr));
ret = cmdline_parse_etheraddr(NULL, ether_addr_invalid_strs[i],
(void*)&result);
(void*)&result, sizeof(result));
if (ret != -1) {
printf("Error: parsing %s succeeded!\n",
ether_addr_invalid_strs[i]);
@ -210,7 +211,7 @@ test_parse_etheraddr_valid(void)
memset(&result, 0, sizeof(struct ether_addr));
ret = cmdline_parse_etheraddr(NULL, ether_addr_valid_strs[i].str,
(void*)&result);
(void*)&result, sizeof(result));
if (ret < 0) {
printf("Error: parsing %s failed!\n",
ether_addr_valid_strs[i].str);
@ -229,7 +230,7 @@ test_parse_etheraddr_valid(void)
memset(&result, 0, sizeof(struct ether_addr));
ret = cmdline_parse_etheraddr(NULL, ether_addr_garbage_strs[i],
(void*)&result);
(void*)&result, sizeof(result));
if (ret < 0) {
printf("Error: parsing %s failed!\n",
ether_addr_garbage_strs[i]);

27
app/test/test_cmdline_ipaddr.c
View File

@ -425,7 +425,8 @@ test_parse_ipaddr_valid(void)
buf, sizeof(buf));
ret = cmdline_parse_ipaddr((cmdline_parse_token_hdr_t*)&token,
ipaddr_valid_strs[i].str, (void*)&result);
ipaddr_valid_strs[i].str, (void*)&result,
sizeof(result));
/* if should have passed, or should have failed */
if ((ret < 0) ==
@ -474,7 +475,8 @@ test_parse_ipaddr_valid(void)
buf, sizeof(buf));
ret = cmdline_parse_ipaddr((cmdline_parse_token_hdr_t*)&token,
ipaddr_garbage_addr4_strs[i], (void*)&result);
ipaddr_garbage_addr4_strs[i], (void*)&result,
sizeof(result));
/* if should have passed, or should have failed */
if ((ret < 0) ==
@ -515,7 +517,8 @@ test_parse_ipaddr_valid(void)
buf, sizeof(buf));
ret = cmdline_parse_ipaddr((cmdline_parse_token_hdr_t*)&token,
ipaddr_garbage_addr6_strs[i], (void*)&result);
ipaddr_garbage_addr6_strs[i], (void*)&result,
sizeof(result));
/* if should have passed, or should have failed */
if ((ret < 0) ==
@ -557,7 +560,8 @@ test_parse_ipaddr_valid(void)
buf, sizeof(buf));
ret = cmdline_parse_ipaddr((cmdline_parse_token_hdr_t*)&token,
ipaddr_garbage_network4_strs[i], (void*)&result);
ipaddr_garbage_network4_strs[i], (void*)&result,
sizeof(result));
/* if should have passed, or should have failed */
if ((ret < 0) ==
@ -598,7 +602,8 @@ test_parse_ipaddr_valid(void)
buf, sizeof(buf));
ret = cmdline_parse_ipaddr((cmdline_parse_token_hdr_t*)&token,
ipaddr_garbage_network6_strs[i], (void*)&result);
ipaddr_garbage_network6_strs[i], (void*)&result,
sizeof(result));
/* if should have passed, or should have failed */
if ((ret < 0) ==
@ -651,7 +656,8 @@ test_parse_ipaddr_invalid_data(void)
buf, sizeof(buf));
ret = cmdline_parse_ipaddr((cmdline_parse_token_hdr_t*)&token,
ipaddr_invalid_strs[i], (void*)&result);
ipaddr_invalid_strs[i], (void*)&result,
sizeof(result));
if (ret != -1) {
printf("Error: parsing %s as %s succeeded!\n",
@ -677,25 +683,26 @@ test_parse_ipaddr_invalid_param(void)
token.ipaddr_data.flags = CMDLINE_IPADDR_V4;
/* null token */
if (cmdline_parse_ipaddr(NULL, buf, (void*)&result) != -1) {
if (cmdline_parse_ipaddr(NULL, buf, (void*)&result,
sizeof(result)) != -1) {
printf("Error: parser accepted invalid parameters!\n");
return -1;
}
/* null buffer */
if (cmdline_parse_ipaddr((cmdline_parse_token_hdr_t*)&token,
NULL, (void*)&result) != -1) {
NULL, (void*)&result, sizeof(result)) != -1) {
printf("Error: parser accepted invalid parameters!\n");
return -1;
}
/* empty buffer */
if (cmdline_parse_ipaddr((cmdline_parse_token_hdr_t*)&token,
"", (void*)&result) != -1) {
"", (void*)&result, sizeof(result)) != -1) {
printf("Error: parser accepted invalid parameters!\n");
return -1;
}
/* null result */
if (cmdline_parse_ipaddr((cmdline_parse_token_hdr_t*)&token,
buf, NULL) == -1) {
buf, NULL, 0) == -1) {
printf("Error: parser rejected null result!\n");
return -1;
}

31
app/test/test_cmdline_num.c
View File

@ -350,14 +350,14 @@ test_parse_num_invalid_param(void)
num_valid_positive_strs[0].str);
/* try all null */
ret = cmdline_parse_num(NULL, NULL, NULL);
ret = cmdline_parse_num(NULL, NULL, NULL, 0);
if (ret != -1) {
printf("Error: parser accepted null parameters!\n");
return -1;
}
/* try null token */
ret = cmdline_parse_num(NULL, buf, (void*)&result);
ret = cmdline_parse_num(NULL, buf, (void*)&result, sizeof(result));
if (ret != -1) {
printf("Error: parser accepted null token!\n");
return -1;
@ -365,14 +365,15 @@ test_parse_num_invalid_param(void)
/* try null buf */
ret = cmdline_parse_num((cmdline_parse_token_hdr_t*)&token, NULL,
(void*)&result);
(void*)&result, sizeof(result));
if (ret != -1) {
printf("Error: parser accepted null string!\n");
return -1;
}
/* try null result */
ret = cmdline_parse_num((cmdline_parse_token_hdr_t*)&token, buf, NULL);
ret = cmdline_parse_num((cmdline_parse_token_hdr_t*)&token, buf,
NULL, 0);
if (ret == -1) {
printf("Error: parser rejected null result!\n");
return -1;
@ -426,7 +427,7 @@ test_parse_num_invalid_data(void)
memset(&buf, 0, sizeof(buf));
ret = cmdline_parse_num((cmdline_parse_token_hdr_t*)&token,
num_invalid_strs[i], (void*)&result);
num_invalid_strs[i], (void*)&result, sizeof(result));
if (ret != -1) {
/* get some info about what we are trying to parse */
cmdline_get_help_num((cmdline_parse_token_hdr_t*)&token,
@ -466,8 +467,9 @@ test_parse_num_valid(void)
cmdline_get_help_num((cmdline_parse_token_hdr_t*)&token,
buf, sizeof(buf));
ret = cmdline_parse_num((cmdline_parse_token_hdr_t*) &token, num_valid_positive_strs[i].str,
(void*)&result);
ret = cmdline_parse_num((cmdline_parse_token_hdr_t*) &token,
num_valid_positive_strs[i].str,
(void*)&result, sizeof(result));
/* if it should have passed but didn't, or if it should have failed but didn't */
if ((ret < 0) == (can_parse_unsigned(num_valid_positive_strs[i].result, type) > 0)) {
@ -493,8 +495,9 @@ test_parse_num_valid(void)
cmdline_get_help_num((cmdline_parse_token_hdr_t*)&token,
buf, sizeof(buf));
ret = cmdline_parse_num((cmdline_parse_token_hdr_t*) &token, num_valid_negative_strs[i].str,
(void*)&result);
ret = cmdline_parse_num((cmdline_parse_token_hdr_t*) &token,
num_valid_negative_strs[i].str,
(void*)&result, sizeof(result));
/* if it should have passed but didn't, or if it should have failed but didn't */
if ((ret < 0) == (can_parse_signed(num_valid_negative_strs[i].result, type) > 0)) {
@ -542,8 +545,9 @@ test_parse_num_valid(void)
cmdline_get_help_num((cmdline_parse_token_hdr_t*)&token,
buf, sizeof(buf));
ret = cmdline_parse_num((cmdline_parse_token_hdr_t*) &token, num_garbage_positive_strs[i].str,
(void*)&result);
ret = cmdline_parse_num((cmdline_parse_token_hdr_t*) &token,
num_garbage_positive_strs[i].str,
(void*)&result, sizeof(result));
/* if it should have passed but didn't, or if it should have failed but didn't */
if ((ret < 0) == (can_parse_unsigned(num_garbage_positive_strs[i].result, type) > 0)) {
@ -569,8 +573,9 @@ test_parse_num_valid(void)
cmdline_get_help_num((cmdline_parse_token_hdr_t*)&token,
buf, sizeof(buf));
ret = cmdline_parse_num((cmdline_parse_token_hdr_t*) &token, num_garbage_negative_strs[i].str,
(void*)&result);
ret = cmdline_parse_num((cmdline_parse_token_hdr_t*) &token,
num_garbage_negative_strs[i].str,
(void*)&result, sizeof(result));
/* if it should have passed but didn't, or if it should have failed but didn't */
if ((ret < 0) == (can_parse_signed(num_garbage_negative_strs[i].result, type) > 0)) {

13
app/test/test_cmdline_portlist.c
View File

@ -139,21 +139,22 @@ test_parse_portlist_invalid_param(void)
memset(&result, 0, sizeof(cmdline_portlist_t));
/* try all null */
ret = cmdline_parse_portlist(NULL, NULL, NULL);
ret = cmdline_parse_portlist(NULL, NULL, NULL, 0);
if (ret != -1) {
printf("Error: parser accepted null parameters!\n");
return -1;
}
/* try null buf */
ret = cmdline_parse_portlist(NULL, NULL, (void*)&result);
ret = cmdline_parse_portlist(NULL, NULL, (void*)&result,
sizeof(result));
if (ret != -1) {
printf("Error: parser accepted null string!\n");
return -1;
}
/* try null result */
ret = cmdline_parse_portlist(NULL, portlist_valid_strs[0].str, NULL);
ret = cmdline_parse_portlist(NULL, portlist_valid_strs[0].str, NULL, 0);
if (ret == -1) {
printf("Error: parser rejected null result!\n");
return -1;
@ -188,7 +189,7 @@ test_parse_portlist_invalid_data(void)
memset(&result, 0, sizeof(cmdline_portlist_t));
ret = cmdline_parse_portlist(NULL, portlist_invalid_strs[i],
(void*)&result);
(void*)&result, sizeof(result));
if (ret != -1) {
printf("Error: parsing %s succeeded!\n",
portlist_invalid_strs[i]);
@ -213,7 +214,7 @@ test_parse_portlist_valid(void)
memset(&result, 0, sizeof(cmdline_portlist_t));
ret = cmdline_parse_portlist(NULL, portlist_valid_strs[i].str,
(void*)&result);
(void*)&result, sizeof(result));
if (ret < 0) {
printf("Error: parsing %s failed!\n",
portlist_valid_strs[i].str);
@ -232,7 +233,7 @@ test_parse_portlist_valid(void)
memset(&result, 0, sizeof(cmdline_portlist_t));
ret = cmdline_parse_portlist(NULL, portlist_garbage_strs[i],
(void*)&result);
(void*)&result, sizeof(result));
if (ret < 0) {
printf("Error: parsing %s failed!\n",
portlist_garbage_strs[i]);

13
app/test/test_cmdline_string.c
View File

@ -178,7 +178,7 @@ test_parse_string_invalid_param(void)
printf("Error: function accepted null token!\n");
return -1;
}
if (cmdline_parse_string(NULL, buf, NULL) != -1) {
if (cmdline_parse_string(NULL, buf, NULL, 0) != -1) {
printf("Error: function accepted null token!\n");
return -1;
}
@ -189,7 +189,8 @@ test_parse_string_invalid_param(void)
return -1;
}
if (cmdline_parse_string(
(cmdline_parse_token_hdr_t*)&token, NULL, (void*)&result) != -1) {
(cmdline_parse_token_hdr_t*)&token, NULL,
(void*)&result, sizeof(result)) != -1) {
printf("Error: function accepted null buffer!\n");
return -1;
}
@ -200,7 +201,7 @@ test_parse_string_invalid_param(void)
}
/* test null result */
if (cmdline_parse_string(
(cmdline_parse_token_hdr_t*)&token, buf, NULL) == -1) {
(cmdline_parse_token_hdr_t*)&token, buf, NULL, 0) == -1) {
printf("Error: function rejected null result!\n");
return -1;
}
@ -233,7 +234,8 @@ test_parse_string_invalid_data(void)
token.string_data.str = string_invalid_strs[i].fixed_str;
if (cmdline_parse_string((cmdline_parse_token_hdr_t*)&token,
string_invalid_strs[i].str, (void*)buf) != -1) {
string_invalid_strs[i].str, (void*)buf,
sizeof(buf)) != -1) {
memset(help_str, 0, sizeof(help_str));
memset(&help_token, 0, sizeof(help_token));
@ -330,7 +332,8 @@ test_parse_string_valid(void)
token.string_data.str = string_parse_strs[i].fixed_str;
if (cmdline_parse_string((cmdline_parse_token_hdr_t*)&token,
string_parse_strs[i].str, (void*)buf) < 0) {
string_parse_strs[i].str, (void*)buf,
sizeof(buf)) < 0) {
/* clean help data */
memset(&help_token, 0, sizeof(help_token));

6
examples/cmdline/parse_obj_list.c
View File

@ -84,7 +84,8 @@ struct cmdline_token_ops token_obj_list_ops = {
};
int
parse_obj_list(cmdline_parse_token_hdr_t *tk, const char *buf, void *res)
parse_obj_list(cmdline_parse_token_hdr_t *tk, const char *buf, void *res,
unsigned ressize)
{
struct token_obj_list *tk2 = (struct token_obj_list *)tk;
struct token_obj_list_data *tkd = &tk2->obj_list_data;
@ -94,6 +95,9 @@ parse_obj_list(cmdline_parse_token_hdr_t *tk, const char *buf, void *res)
if (*buf == 0)
return -1;
if (res && ressize < sizeof(struct object *))
return -1;
while(!cmdline_isendoftoken(buf[token_len]))
token_len++;

3
examples/cmdline/parse_obj_list.h
View File

@ -91,7 +91,8 @@ typedef struct token_obj_list parse_token_obj_list_t;
extern struct cmdline_token_ops token_obj_list_ops;
int parse_obj_list(cmdline_parse_token_hdr_t *tk, const char *srcbuf, void *res);
int parse_obj_list(cmdline_parse_token_hdr_t *tk, const char *srcbuf, void *res,
unsigned ressize);
int complete_get_nb_obj_list(cmdline_parse_token_hdr_t *tk);
int complete_get_elt_obj_list(cmdline_parse_token_hdr_t *tk, int idx,
char *dstbuf, unsigned int size);

5
examples/vhost_xen/xenstore_parse.c
View File

@ -77,7 +77,7 @@ struct grant_node_item {
} __attribute__((packed));
int cmdline_parse_etheraddr(void *tk, const char *srcbuf,
void *res);
void *res, unsigned ressize);
/* Map grant ref refid at addr_ori*/
static void *
@ -676,7 +676,8 @@ xen_parse_etheraddr(struct xen_vring *vring)
if ((buf = xen_read_node(path, &len)) == NULL)
goto out;
if (cmdline_parse_etheraddr(NULL, buf, &vring->addr) < 0)
if (cmdline_parse_etheraddr(NULL, buf, &vring->addr,
sizeof(vring->addr)) < 0)
goto out;
ret = 0;
out:

35
lib/librte_cmdline/cmdline_parse.c
View File

@ -138,7 +138,7 @@ nb_common_chars(const char * s1, const char * s2)
*/
static int
match_inst(cmdline_parse_inst_t *inst, const char *buf,
unsigned int nb_match_token, void * result_buf)
unsigned int nb_match_token, void *resbuf, unsigned resbuf_size)
{
unsigned int token_num=0;
cmdline_parse_token_hdr_t * token_p;
@ -162,12 +162,23 @@ match_inst(cmdline_parse_inst_t *inst, const char *buf,
if ( isendofline(*buf) || iscomment(*buf) )
break;
if (result_buf)
n = token_hdr.ops->parse(token_p, buf,
(char *)result_buf +
token_hdr.offset);
else
n = token_hdr.ops->parse(token_p, buf, NULL);
if (resbuf == NULL) {
n = token_hdr.ops->parse(token_p, buf, NULL, 0);
} else {
unsigned rb_sz;
if (token_hdr.offset > resbuf_size) {
printf("Parse error(%s:%d): Token offset(%u) "
"exceeds maximum size(%u)\n",
__FILE__, __LINE__,
token_hdr.offset, resbuf_size);
return -ENOBUFS;
}
rb_sz = resbuf_size - token_hdr.offset;
n = token_hdr.ops->parse(token_p, buf, (char *)resbuf +
token_hdr.offset, rb_sz);
}
if (n < 0)
break;
@ -219,7 +230,7 @@ cmdline_parse(struct cmdline *cl, const char * buf)
unsigned int inst_num=0;
cmdline_parse_inst_t *inst;
const char *curbuf;
char result_buf[BUFSIZ];
char result_buf[CMDLINE_PARSE_RESULT_BUFSIZE];
void (*f)(void *, struct cmdline *, void *) = NULL;
void *data = NULL;
int comment = 0;
@ -280,7 +291,7 @@ cmdline_parse(struct cmdline *cl, const char * buf)
debug_printf("INST %d\n", inst_num);
/* fully parsed */
tok = match_inst(inst, buf, 0, result_buf);
tok = match_inst(inst, buf, 0, result_buf, sizeof(result_buf));
if (tok > 0) /* we matched at least one token */
err = CMDLINE_PARSE_BAD_ARGS;
@ -377,10 +388,10 @@ cmdline_complete(struct cmdline *cl, const char *buf, int *state,
inst = ctx[inst_num];
while (inst) {
/* parse the first tokens of the inst */
if (nb_token && match_inst(inst, buf, nb_token, NULL))
if (nb_token && match_inst(inst, buf, nb_token, NULL, 0))
goto next;
debug_printf("instruction match \n");
debug_printf("instruction match\n");
token_p = inst->tokens[nb_token];
if (token_p)
memcpy(&token_hdr, token_p, sizeof(token_hdr));
@ -471,7 +482,7 @@ cmdline_complete(struct cmdline *cl, const char *buf, int *state,
/* we need to redo it */
inst = ctx[inst_num];
if (nb_token && match_inst(inst, buf, nb_token, NULL))
if (nb_token && match_inst(inst, buf, nb_token, NULL, 0))
goto next2;
token_p = inst->tokens[nb_token];

11
lib/librte_cmdline/cmdline_parse.h
View File

@ -80,6 +80,9 @@ extern "C" {
#define CMDLINE_PARSE_COMPLETE_AGAIN 1
#define CMDLINE_PARSE_COMPLETED_BUFFER 2
/* maximum buffer size for parsed result */
#define CMDLINE_PARSE_RESULT_BUFSIZE 8192
/**
* Stores a pointer to the ops struct, and the offset: the place to
* write the parsed result in the destination structure.
@ -110,12 +113,14 @@ typedef struct cmdline_token_hdr cmdline_parse_token_hdr_t;
* -1 on error and 0 on success.
*/
struct cmdline_token_ops {
/** parse(token ptr, buf, res pts) */
int (*parse)(cmdline_parse_token_hdr_t *, const char *, void *);
/** parse(token ptr, buf, res pts, buf len) */
int (*parse)(cmdline_parse_token_hdr_t *, const char *, void *,
unsigned int);
/** return the num of possible choices for this token */
int (*complete_get_nb)(cmdline_parse_token_hdr_t *);
/** return the elt x for this token (token, idx, dstbuf, size) */
int (*complete_get_elt)(cmdline_parse_token_hdr_t *, int, char *, unsigned int);
int (*complete_get_elt)(cmdline_parse_token_hdr_t *, int, char *,
unsigned int);
/** get help for this token (token, dstbuf, size) */
int (*get_help)(cmdline_parse_token_hdr_t *, char *, unsigned int);
};

5
lib/librte_cmdline/cmdline_parse_etheraddr.c
View File

@ -137,12 +137,15 @@ my_ether_aton(const char *a)
int
cmdline_parse_etheraddr(__attribute__((unused)) cmdline_parse_token_hdr_t *tk,
const char *buf, void *res)
const char *buf, void *res, unsigned ressize)
{
unsigned int token_len = 0;
char ether_str[ETHER_ADDRSTRLENLONG+1];
struct ether_addr *tmp;
if (res && ressize < sizeof(struct ether_addr))
return -1;
if (!buf || ! *buf)
return -1;

4
lib/librte_cmdline/cmdline_parse_etheraddr.h
View File

@ -73,9 +73,9 @@ typedef struct cmdline_token_etheraddr cmdline_parse_token_etheraddr_t;
extern struct cmdline_token_ops cmdline_token_etheraddr_ops;
int cmdline_parse_etheraddr(cmdline_parse_token_hdr_t *tk, const char *srcbuf,
void *res);
void *res, unsigned ressize);
int cmdline_get_help_etheraddr(cmdline_parse_token_hdr_t *tk, char *dstbuf,
unsigned int size);
unsigned int size);
#define TOKEN_ETHERADDR_INITIALIZER(structure, field) \
{ \

6
lib/librte_cmdline/cmdline_parse_ipaddr.c
View File

@ -306,7 +306,8 @@ inet_pton6(const char *src, unsigned char *dst)
}
int
cmdline_parse_ipaddr(cmdline_parse_token_hdr_t *tk, const char *buf, void *res)
cmdline_parse_ipaddr(cmdline_parse_token_hdr_t *tk, const char *buf, void *res,
unsigned ressize)
{
struct cmdline_token_ipaddr *tk2;
unsigned int token_len = 0;
@ -315,6 +316,9 @@ cmdline_parse_ipaddr(cmdline_parse_token_hdr_t *tk, const char *buf, void *res)
char *prefix, *prefix_end;
long prefixlen = 0;
if (res && ressize < sizeof(cmdline_ipaddr_t))
return -1;
if (!buf || !tk || ! *buf)
return -1;

4
lib/librte_cmdline/cmdline_parse_ipaddr.h
View File

@ -92,9 +92,9 @@ typedef struct cmdline_token_ipaddr cmdline_parse_token_ipaddr_t;
extern struct cmdline_token_ops cmdline_token_ipaddr_ops;
int cmdline_parse_ipaddr(cmdline_parse_token_hdr_t *tk, const char *srcbuf,
void *res);
void *res, unsigned ressize);
int cmdline_get_help_ipaddr(cmdline_parse_token_hdr_t *tk, char *dstbuf,
unsigned int size);
unsigned int size);
#define TOKEN_IPADDR_INITIALIZER(structure, field) \
{ \

38
lib/librte_cmdline/cmdline_parse_num.c
View File

@ -119,10 +119,40 @@ add_to_res(unsigned int c, uint64_t *res, unsigned int base)
return 0;
}
static int
check_res_size(struct cmdline_token_num_data *nd, unsigned ressize)
{
switch (nd->type) {
case INT8:
case UINT8:
if (ressize < sizeof(int8_t))
return -1;
break;
case INT16:
case UINT16:
if (ressize < sizeof(int16_t))
return -1;
break;
case INT32:
case UINT32:
if (ressize < sizeof(int32_t))
return -1;
break;
case INT64:
case UINT64:
if (ressize < sizeof(int64_t))
return -1;
break;
default:
return -1;
}
return 0;
}
/* parse an int */
int
cmdline_parse_num(cmdline_parse_token_hdr_t *tk, const char *srcbuf, void *res)
cmdline_parse_num(cmdline_parse_token_hdr_t *tk, const char *srcbuf, void *res,
unsigned ressize)
{
struct cmdline_token_num_data nd;
enum num_parse_state_t st = START;
@ -141,6 +171,12 @@ cmdline_parse_num(cmdline_parse_token_hdr_t *tk, const char *srcbuf, void *res)
memcpy(&nd, &((struct cmdline_token_num *)tk)->num_data, sizeof(nd));
/* check that we have enough room in res */
if (res) {
if (check_res_size(&nd, ressize) < 0)
return -1;
}
while ( st != ERROR && c && ! cmdline_isendoftoken(c) ) {
debug_printf("%c %x -> ", c, c);
switch (st) {

4
lib/librte_cmdline/cmdline_parse_num.h
View File

@ -89,9 +89,9 @@ typedef struct cmdline_token_num cmdline_parse_token_num_t;
extern struct cmdline_token_ops cmdline_token_num_ops;
int cmdline_parse_num(cmdline_parse_token_hdr_t *tk,
const char *srcbuf, void *res);
const char *srcbuf, void *res, unsigned ressize);
int cmdline_get_help_num(cmdline_parse_token_hdr_t *tk,
char *dstbuf, unsigned int size);
char *dstbuf, unsigned int size);
#define TOKEN_NUM_INITIALIZER(structure, field, numtype) \
{ \

5
lib/librte_cmdline/cmdline_parse_portlist.c
View File

@ -127,7 +127,7 @@ parse_ports(cmdline_portlist_t * pl, const char * str)
int
cmdline_parse_portlist(__attribute__((unused)) cmdline_parse_token_hdr_t *tk,
const char *buf, void *res)
const char *buf, void *res, unsigned ressize)
{
unsigned int token_len = 0;
char portlist_str[PORTLIST_TOKEN_SIZE+1];
@ -136,6 +136,9 @@ cmdline_parse_portlist(__attribute__((unused)) cmdline_parse_token_hdr_t *tk,
if (!buf || ! *buf)
return (-1);
if (res && ressize < PORTLIST_TOKEN_SIZE)
return -1;
pl = res;
while (!cmdline_isendoftoken(buf[token_len]) &&

4
lib/librte_cmdline/cmdline_parse_portlist.h
View File

@ -81,9 +81,9 @@ typedef struct cmdline_token_portlist cmdline_parse_token_portlist_t;
extern struct cmdline_token_ops cmdline_token_portlist_ops;
int cmdline_parse_portlist(cmdline_parse_token_hdr_t *tk,
const char *srcbuf, void *res);
const char *srcbuf, void *res, unsigned ressize);
int cmdline_get_help_portlist(cmdline_parse_token_hdr_t *tk,
char *dstbuf, unsigned int size);
char *dstbuf, unsigned int size);
#define TOKEN_PORTLIST_INITIALIZER(structure, field) \
{ \

6
lib/librte_cmdline/cmdline_parse_string.c
View File

@ -105,13 +105,17 @@ get_next_token(const char *s)
}
int
cmdline_parse_string(cmdline_parse_token_hdr_t *tk, const char *buf, void *res)
cmdline_parse_string(cmdline_parse_token_hdr_t *tk, const char *buf, void *res,
unsigned ressize)
{
struct cmdline_token_string *tk2;
struct cmdline_token_string_data *sd;
unsigned int token_len;
const char *str;
if (res && ressize < STR_TOKEN_SIZE)
return -1;
if (!tk || !buf || ! *buf)
return -1;

2
lib/librte_cmdline/cmdline_parse_string.h
View File

@ -83,7 +83,7 @@ typedef struct cmdline_token_string cmdline_parse_token_string_t;
extern struct cmdline_token_ops cmdline_token_string_ops;
int cmdline_parse_string(cmdline_parse_token_hdr_t *tk, const char *srcbuf,
void *res);
void *res, unsigned ressize);
int cmdline_complete_get_nb_string(cmdline_parse_token_hdr_t *tk);
int cmdline_complete_get_elt_string(cmdline_parse_token_hdr_t *tk, int idx,
char *dstbuf, unsigned int size);

3
lib/librte_pmd_bond/rte_eth_bond_args.c
View File

@ -254,7 +254,8 @@ bond_ethdev_parse_bond_mac_addr_kvarg(const char *key __rte_unused,
return -1;
/* Parse MAC */
return cmdline_parse_etheraddr(NULL, value, extra_args);
return cmdline_parse_etheraddr(NULL, value, extra_args,
sizeof(struct ether_addr));
}
int