All of lore.kernel.org
 help / color / mirror / Atom feed
From: "Wiles, Keith" <keith.wiles@intel.com>
To: "Legacy, Allain (Wind River)" <allain.legacy@windriver.com>
Cc: "Richardson, Bruce" <bruce.richardson@intel.com>,
	"Dumitrescu, Cristian" <cristian.dumitrescu@intel.com>,
	"dev@dpdk.org" <dev@dpdk.org>,
	"Jolliffe, Ian (Wind River)" <ian.jolliffe@windriver.com>
Subject: Re: [PATCH 5/5] cfgfile: increase local buffer size for max	name and value
Date: Thu, 9 Mar 2017 13:46:26 +0000	[thread overview]
Message-ID: <8258C19A-889A-475B-9F29-33949ABCF8EE@intel.com> (raw)
In-Reply-To: <1488482971-170522-6-git-send-email-allain.legacy@windriver.com>


> On Mar 2, 2017, at 1:29 PM, Allain Legacy <allain.legacy@windriver.com> wrote:
> 
> From: Joseph Richard <joseph.richard@windriver.com>
> 
> When parsing a ini file with a "key = value" line that has both "key" and
> "value" sized to the maximum allowed length causes a parsing failure.  The
> internal "buffer" variable should be sized at least as large as the maximum
> for both fields.  This commit updates the local array to be sized to hold
> the max name, max value, " = ", and the nul terminator.
> 
> Signed-off-by: Allain Legacy <allain.legacy@windriver.com>
> ---
> lib/librte_cfgfile/rte_cfgfile.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/lib/librte_cfgfile/rte_cfgfile.c b/lib/librte_cfgfile/rte_cfgfile.c
> index 28956ea..107d637 100644
> --- a/lib/librte_cfgfile/rte_cfgfile.c
> +++ b/lib/librte_cfgfile/rte_cfgfile.c
> @@ -92,7 +92,7 @@ struct rte_cfgfile *
> 	int allocated_entries = 0;
> 	int curr_section = -1;
> 	int curr_entry = -1;
> -	char buffer[256] = {0};
> +	char buffer[CFG_NAME_LEN + CFG_VALUE_LEN + 4] = {0};

Would this change still cause a failure and memory over write if the user decides to have very large string. Does the code check the lengths to make sure they are valid and return error?

If the code is testing the size and make sure a memory over write does not happen, then I am OK with acking this patch. 

> 	int lineno = 0;
> 	size_t size;
> 	struct rte_cfgfile *cfg = NULL;
> -- 
> 1.8.3.1
> 

Regards,
Keith

  reply	other threads:[~2017-03-09 13:46 UTC|newest]

Thread overview: 81+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-03-02 19:29 [PATCH 0/5] librte_cfgfile enhancement Allain Legacy
2017-03-02 19:29 ` [PATCH 1/5] cfgfile: configurable comment character Allain Legacy
2017-03-02 21:10   ` Bruce Richardson
2017-03-02 21:22     ` Legacy, Allain
2017-03-03  0:53     ` Yuanhan Liu
2017-03-03 11:17       ` Dumitrescu, Cristian
2017-03-03 11:31         ` Legacy, Allain
2017-03-03 12:07           ` Dumitrescu, Cristian
2017-03-03 12:14             ` Legacy, Allain
2017-03-03 12:17               ` Dumitrescu, Cristian
2017-03-03 12:18                 ` Legacy, Allain
2017-03-03 12:52                   ` Dumitrescu, Cristian
2017-03-03 12:10           ` Bruce Richardson
2017-03-03 12:17             ` Legacy, Allain
2017-03-03 13:10               ` Bruce Richardson
2017-03-02 19:29 ` [PATCH 2/5] cfgfile: cfg object not initialized after allocation Allain Legacy
2017-03-02 19:29 ` [PATCH 3/5] cfgfile: add support for unamed global section Allain Legacy
2017-03-03 10:53   ` Dumitrescu, Cristian
2017-03-03 11:03     ` Legacy, Allain
2017-03-03 11:06       ` Dumitrescu, Cristian
2017-03-03 11:15         ` Legacy, Allain
2017-03-03 11:18           ` Dumitrescu, Cristian
2017-03-02 19:29 ` [PATCH 4/5] cfgfile: use strnlen to constrain memchr search Allain Legacy
2017-03-02 19:29 ` [PATCH 5/5] cfgfile: increase local buffer size for max name and value Allain Legacy
2017-03-09 13:46   ` Wiles, Keith [this message]
2017-03-09 15:16     ` Legacy, Allain
2017-03-09 15:23       ` Wiles, Keith
2017-03-09 13:10 ` [PATCH v2 0/6] librte_cfgfile enhancements Allain Legacy
2017-03-09 13:10   ` [PATCH v2 1/6] test: basic unit tests for cfgfile Allain Legacy
2017-03-09 13:10   ` [PATCH v2 2/6] cfgfile: add support for unamed global section Allain Legacy
2017-03-09 13:10   ` [PATCH v2 3/6] cfgfile: configurable comment character Allain Legacy
2017-03-27 11:19     ` Dumitrescu, Cristian
2017-03-09 13:10   ` [PATCH v2 4/6] cfgfile: use strnlen to constrain memchr search Allain Legacy
2017-03-09 13:10   ` [PATCH v2 5/6] cfgfile: increase local buffer size for max name and value Allain Legacy
2017-03-09 13:11   ` [PATCH v2 6/6] cfgfile: add support for empty value string Allain Legacy
2017-03-27 10:54     ` Dumitrescu, Cristian
2017-03-27 11:12       ` Legacy, Allain
2017-03-27 11:24         ` Dumitrescu, Cristian
2017-03-27 11:15       ` Legacy, Allain
2017-03-28  8:29   ` [PATCH v2 0/6] librte_cfgfile enhancements Thomas Monjalon
2017-03-28  9:18     ` Bruce Richardson
2017-03-28  9:22       ` Bruce Richardson
2017-03-28  9:41         ` Thomas Monjalon
2017-03-28  9:58           ` Dumitrescu, Cristian
2017-03-28 10:12             ` Thomas Monjalon
2017-03-28 10:20               ` Dumitrescu, Cristian
2017-03-28 15:24               ` Bruce Richardson
2017-03-28 15:41                 ` Thomas Monjalon
2017-03-28 15:42                   ` Bruce Richardson
2017-03-28 16:44   ` [PATCH v3 " Allain Legacy
2017-03-28 16:44     ` [PATCH v3 1/6] test: basic unit tests for cfgfile Allain Legacy
2017-03-28 16:44     ` [PATCH v3 3/6] cfgfile: add support for configurable comment character Allain Legacy
2017-03-28 16:44     ` [PATCH v3 4/6] cfgfile: use strnlen to constrain memchr search Allain Legacy
2017-03-28 16:44     ` [PATCH v3 6/6] cfgfile: add support for empty value string Allain Legacy
2017-03-30 18:54     ` [PATCH v4 0/6] librte_cfgfile enhancements Allain Legacy
2017-03-30 18:54       ` [PATCH v4 1/6] test: basic unit tests for cfgfile Allain Legacy
2017-03-30 18:54       ` [PATCH v4 2/6] cfgfile: add support for global properties section Allain Legacy
2017-03-30 18:54       ` [PATCH v4 3/6] cfgfile: add support for configurable comment character Allain Legacy
2017-03-31 10:08         ` Thomas Monjalon
2017-03-31 11:08           ` Legacy, Allain
2017-03-30 18:54       ` [PATCH v4 4/6] cfgfile: use strnlen to constrain memchr search Allain Legacy
2017-03-30 18:54       ` [PATCH v4 5/6] cfgfile: increase local buffer size for max name and value Allain Legacy
2017-03-30 18:54       ` [PATCH v4 6/6] cfgfile: add support for empty value string Allain Legacy
2017-03-31  8:57       ` [PATCH v4 0/6] librte_cfgfile enhancements Dumitrescu, Cristian
2017-03-31 13:51       ` [PATCH v5 " Allain Legacy
2017-03-31 13:51         ` [PATCH v5 1/6] test: basic unit tests for cfgfile Allain Legacy
2017-03-31 13:51         ` [PATCH v5 2/6] cfgfile: add support for global properties section Allain Legacy
2017-03-31 13:52         ` [PATCH v5 3/6] cfgfile: add support for configurable comment character Allain Legacy
2017-03-31 13:52         ` [PATCH v5 4/6] cfgfile: use strnlen to constrain memchr search Allain Legacy
2017-03-31 13:52         ` [PATCH v5 5/6] cfgfile: increase local buffer size for max name and value Allain Legacy
2017-03-31 13:52         ` [PATCH v5 6/6] cfgfile: add support for empty value string Allain Legacy
2017-04-04 14:23         ` [PATCH v5 0/6] librte_cfgfile enhancements Thomas Monjalon
     [not found]   ` <20170329004737.44249-1-allain.legacy@windriver.com>
2017-03-29  0:47     ` [PATCH v3 1/6] test: basic unit tests for cfgfile Allain Legacy
2017-03-29  0:47     ` [PATCH v3 3/6] cfgfile: add support for configurable comment character Allain Legacy
2017-03-29  9:22       ` Dumitrescu, Cristian
2017-03-29 11:31         ` Legacy, Allain
2017-03-29  0:47     ` [PATCH v3 5/6] cfgfile: increase local buffer size for max name and value Allain Legacy
     [not found]     ` <20170329004737.44249-7-allain.legacy@windriver.com>
2017-03-29  9:31       ` [PATCH v3 6/6] cfgfile: add support for empty value string Dumitrescu, Cristian
2017-03-29 11:33         ` Legacy, Allain
     [not found]     ` <20170329004737.44249-3-allain.legacy@windriver.com>
2017-03-29  9:33       ` [PATCH v3 2/6] cfgfile: add support for global properties section Dumitrescu, Cristian
2017-03-29 11:35         ` Legacy, Allain

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=8258C19A-889A-475B-9F29-33949ABCF8EE@intel.com \
    --to=keith.wiles@intel.com \
    --cc=allain.legacy@windriver.com \
    --cc=bruce.richardson@intel.com \
    --cc=cristian.dumitrescu@intel.com \
    --cc=dev@dpdk.org \
    --cc=ian.jolliffe@windriver.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.