Re: [dpdk-dev] [PATCH] eal/linux: fix uevent message parsing

Wed, 03 Nov 2021 02:47:47 -0700 

On Tue, Nov 2, 2021 at 7:43 PM David Marchand <david.march...@redhat.com> wrote:
> > Caught with ASan:
> > ==9727==ERROR: AddressSanitizer: stack-buffer-overflow on address
> >   0x7f0daa2fc0d0 at pc 0x7f0daeefacb2 bp 0x7f0daa2fadd0 sp 0x7f0daa2fa578
> > READ of size 1 at 0x7f0daa2fc0d0 thread T1
> >     #0 0x7f0daeefacb1  (/lib64/libasan.so.5+0xbacb1)
> >     #1 0x115eba1 in dev_uev_parse ../lib/eal/linux/eal_dev.c:167
> >     #2 0x115f281 in dev_uev_handler ../lib/eal/linux/eal_dev.c:248
> >     #3 0x1169b91 in eal_intr_process_interrupts
> >   ../lib/eal/linux/eal_interrupts.c:1026
> >     #4 0x116a3a2 in eal_intr_handle_interrupts
> >   ../lib/eal/linux/eal_interrupts.c:1100
> >     #5 0x116a7f0 in eal_intr_thread_main
> >   ../lib/eal/linux/eal_interrupts.c:1172
> >     #6 0x112640a in ctrl_thread_init
> >   ../lib/eal/common/eal_common_thread.c:202
> >     #7 0x7f0dade27159 in start_thread (/lib64/libpthread.so.0+0x8159)
> >     #8 0x7f0dadb58f72 in clone (/lib64/libc.so.6+0xfcf72)
> >
> > Address 0x7f0daa2fc0d0 is located in stack of thread T1 at offset 4192
> >   in frame
> >     #0 0x115f0c9 in dev_uev_handler ../lib/eal/linux/eal_dev.c:226
> >
> >   This frame has 2 object(s):
> >     [32, 48) 'uevent'
> >     [96, 4192) 'buf' <== Memory access at offset 4192 overflows this
> >   variable
> > HINT: this may be a false positive if your program uses some custom
> >   stack unwind mechanism or swapcontext
> >       (longjmp and C++ exceptions *are* supported)
> > Thread T1 created by T0 here:
> >     #0 0x7f0daee92ea3 in __interceptor_pthread_create
> >   (/lib64/libasan.so.5+0x52ea3)
> >     #1 0x1126542 in rte_ctrl_thread_create
> >   ../lib/eal/common/eal_common_thread.c:228
> >     #2 0x116a8b5 in rte_eal_intr_init
> >   ../lib/eal/linux/eal_interrupts.c:1200
> >     #3 0x1159dd1 in rte_eal_init ../lib/eal/linux/eal.c:1044
> >     #4 0x7a22f8 in main ../app/test-pmd/testpmd.c:4105
> >     #5 0x7f0dada7f802 in __libc_start_main (/lib64/libc.so.6+0x23802)
>
> I sent the wrong patch, fixes ref is missing:

Zhihong had opened a bz:

Bugzilla ID: 792
> Fixes: 0d0f478d0483 ("eal/linux: add uevent parse and process")
> Cc: sta...@dpdk.org


-- 
David Marchand

Reply via email to