On 2024/10/28 23:31, Stephen Hemminger wrote:
> On Mon, 28 Oct 2024 21:04:08 +0800
> fengchengwen <fengcheng...@huawei.com> wrote:
>
>> On 2024/10/27 11:00, Stephen Hemminger wrote:
>>> On Sat, 26 Oct 2024 18:14:40 +0800
>>> Jie Hai <haij...@huawei.com> wrote:
>>>
>>>> Multiple threads calling the same function may cause condition
>>>> race issues, which often leads to abnormal behavior and can cause
>>>> more serious vulnerabilities such as abnormal termination, denial
>>>> of service, and compromised data integrity.
>>>>
>>>> The strtok() is non-reentrant, it is better to replace it with a
>>>> reentrant version.
>>>>
>>>> Fixes: 2054f31a1fcd ("mem: add memseg info in telemetry")
>>>> Cc: sta...@dpdk.org
>>>>
>>>> Signed-off-by: Jie Hai <haij...@huawei.com>
>>>> Acked-by: Chengwen Feng <fengcheng...@huawei.com>
>>>> Acked-by: Amit Prakash Shukla <amitpraka...@marvell.com>
>>>> Acked-by: Morten Brørup <m...@smartsharesystems.com>
>>>
>>> This doesn't need to go to stable. parse_params is always single threaded.
>>
>> I recommend replacing all, based on:
>> 1\ almost at no cost.
>> 2\ reduce analysis costs, if don't we have to analyze the callers of strtok
>> when you encounter it.
>>
>
> Yes but. The replacement should not go to stable.
> One of the rules of stable is that changes should be minimized, and fixes
> should
> not be accepted for things that can not ever happen with current code.
Hope more opinion from TB members.
