Using AI tools to review the cmdline and cfgfile libraries throws up a couple of places in the libraries where additional hardening could help prevent future issues. A number of these are purely defensive, e.g. adding NULL checks to input parameters where a well-behaved app should never call the function with a NULL value, and so those are not explicitly marked for backport.

Bruce Richardson (6):
  cfgfile: add null checks to public APIs
  cfgfile: prevent issues with overflow on resize
  cmdline: harden parser result buffer handling
  cmdline: add explicit help function for bool type
  cmdline: guard zero-size destination buffers
  cmdline: add null checks for invalid input

 lib/cfgfile/rte_cfgfile.c          | 118 ++++++++++++++++++++---------
 lib/cmdline/cmdline.c              |   3 +
 lib/cmdline/cmdline_parse.c        |   6 +-
 lib/cmdline/cmdline_parse_bool.c   |  37 ++++++++-
 lib/cmdline/cmdline_parse_num.c    |   2 +-
 lib/cmdline/cmdline_parse_string.c |   3 +
 lib/cmdline/cmdline_rdline.c       |   3 +
 7 files changed, 128 insertions(+), 44 deletions(-)

--
2.51.0

