From mboxrd@z Thu Jan 1 00:00:00 1970 From: Olivier Matz Subject: Re: [RFC 1/2] mbuf: add a sanity check on segment metadata Date: Thu, 23 Aug 2018 09:39:42 +0200 Message-ID: <20180823073942.qnyk3jwqecm6wk3v@platinum> References: <1534176226-21911-1-git-send-email-david.marchand@6wind.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: dev@dpdk.org, Thomas Monjalon , Ferruh Yigit , Andrew Rybchenko To: David Marchand Return-path: Received: from mail.droids-corp.org (zoll.droids-corp.org [94.23.50.67]) by dpdk.org (Postfix) with ESMTP id 583A2293B for ; Thu, 23 Aug 2018 09:39:48 +0200 (CEST) Content-Disposition: inline In-Reply-To: <1534176226-21911-1-git-send-email-david.marchand@6wind.com> List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Hi David, On Mon, Aug 13, 2018 at 06:03:45PM +0200, David Marchand wrote: > Add some basic check on the segments offset and length metadata: > always funny to have a < 0 tailroom cast to uint16_t ;-). > > Signed-off-by: David Marchand > --- > lib/librte_mbuf/rte_mbuf.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/lib/librte_mbuf/rte_mbuf.c b/lib/librte_mbuf/rte_mbuf.c > index e714c5a..7eeef12 100644 > --- a/lib/librte_mbuf/rte_mbuf.c > +++ b/lib/librte_mbuf/rte_mbuf.c > @@ -200,6 +200,8 @@ rte_mbuf_sanity_check(const struct rte_mbuf *m, int is_header) > pkt_len = m->pkt_len; > > do { > + if (m->data_off + m->data_len > m->buf_len) > + rte_panic("bad segment metadata\n"); What about spliting the test into two? This would help to clarify the error messages. I also suggest add casts to uint32 to ensure that there is no overflow. if (m->data_off_len > m->buf_len) rte_panic("data offset too big in mbuf segment\n"); if ((uint32_t)m->data_off + (uint32_t)m->data_len > (uint32_t)m->buf_len) rte_panic("data length too big in mbuf segment\n");