Re: [EXTERNAL] [PATCH v2] app/graph: fix destination buffer too small

Sat, 06 Jul 2024 07:08:31 -0700 

On 07/04, David Marchand wrote:

> On Thu, Jun 27, 2024 at 2:44 AM Kiran Kumar Kokkilagadda
> <kirankum...@marvell.com> wrote:
> > > On 06/25, Kiran Kumar Kokkilagadda wrote: > > > From: Mahmoud Maatuq
> > > <mahmoudmatook. mm@ gmail. com> > Sent: Tuesday, June 25, 2024 1: 31
> > > AM > To: Sunil Kumar Kori <skori@ marvell. com>; Rakesh Kudurumalla
> > > <rkudurumalla@ marvell. com>;
> > > On 06/25, Kiran Kumar Kokkilagadda wrote:
> > > > Subject: [EXTERNAL] [PATCH v2] app/graph: fix destination buffer too
> > > > small
> > > >
> > > > as sizeof(config. rx. mempool_name) is < sizeof(res->mempool) we
> > > > should copy at most sizeof(config. rx. mempool_name) and replace memcpy
> > > with strlcpy as mempool name is a null terminated string Coverity issue:
> > > 415430 Fixes: 3850cb06ab9c ("app/graph:
> > > >
> > > >
> > > > as sizeof(config.rx.mempool_name) is < sizeof(res->mempool) we should
> > > >
> > > > copy at most sizeof(config.rx.mempool_name) and replace memcpy with
> > > >
> > > > strlcpy as mempool name is a null terminated string
> > > >
> > > >
> > > >
> > > > Coverity issue: 415430
> > > >
> > > > Fixes: 3850cb06ab9c ("app/graph: add ethdev commands")
> > > >
> > > > Cc: sk...@marvell.com<mailto:sk...@marvell.com>
> > > >
> > > >
> > > >
> > > > Signed-off-by: Mahmoud Maatuq
> > > >
> > > <mahmoudmatook...@gmail.com<mailto:mahmoudmatook...@gmail.co
> > > m>>
> > > >
> > > > ---
> >
> > Acked-by: Kiran Kumar Kokkilagadda <kirankum...@marvell.com>
> 
> This patch does not pass the CI, please check.

The warning in CI is clear, (truncation warning) as the size of
destination buffer: config.rx.mempool_name is around 26 bytes but the
size of of source buffer: res->mempool is 128 bytes

Some possible solutions: 
  * increase the destination buffer size: by tracking it we need to
      increase RTE_MEMZONE_NAMESIZE, (more memory consumption). 

  * if the mem pool name is usually around the same size as destination
      we could decrease the size of source buffer, but res->mempool of
      type cmdline_fixed_string_t and maybe used somewhere else that
      could also produce truncation.

  *  change the type of source buffer and use size as destination.

what do you think?

> 
> 
> -- 
> David Marchand
>

Reply via email to