[PATCH v13 00/17] lib: improve string overflow safety

[Stephen Hemminger <stephen@networkplumber.org>]

This series improves defensive programming by adding proper string length
validation and overflow checking throughout DPDK libraries. The goal is
to eliminate silent truncation of names and paths, provide meaningful
error feedback, and enable compiler format overflow warnings.

Motivation
----------
Many DPDK APIs accept name parameters with defined maximum lengths
(e.g., RTE_LPM_NAMESIZE, RTE_HASH_NAMESIZE). Previously, names exceeding
these limits were silently truncated via snprintf/strlcpy, potentially
causing subtle bugs like duplicate names or unexpected behavior. This
series addresses these issues systematically.

Changes Overview
----------------
The patches fall into several categories:

1. API input validation (patches 1-2, 6, 12, 16):
   - Add explicit length checks for name parameters in lpm, hash, efd,
     tailq, and cfgfile APIs
   - Return ENAMETOOLONG when names exceed limits
   - Document new error conditions in API headers
   - Add corresponding unit tests

2. Internal buffer overflow detection (patches 3-5, 8-9, 14-15):
   - Check snprintf/strlcpy return values for truncation
   - Log warnings when internal string operations truncate
   - Increase buffer sizes where they were too small
   - Use dynamic allocation (asprintf) where appropriate

3. Path handling improvements (patches 7, 10-11, 13):
   - Use standard C library routines (getmntent) for parsing /proc/mounts
   - Enforce UNIX_PATH_MAX for socket paths to fail early
   - Handle arbitrarily long shared library paths

4. Error message improvements (patches 1-2, 6):
   - Include rte_strerror() in failure messages
   - Provide more context when operations fail

5. Enable compiler warnings (patch 17):
   - Remove -Wno-format-truncation flag
   - All preceding patches fix the warnings this would trigger

API Changes
-----------
The following APIs now return ENAMETOOLONG for oversized names:
  - rte_lpm_create()
  - rte_hash_create()
  - rte_fbk_hash_create()
  - rte_efd_create()
  - rte_eal_tailq_create()
  - rte_cfgfile_add_section()
  - rte_cfgfile_add_entry()

These are documented in the release notes and header files.

Testing
-------
- Existing unit tests pass
- New test cases added for hash name length validation
- Build tested with format overflow warnings enabled


v13 - fix and cleanup get_hugefile code
      optimize using statfs() and no string handling needed.
      reword commit messages


Stephen Hemminger (17):
  lpm: reject names that exceed maximum length
  hash: reject names that exceed maximum length
  graph: avoid overflowing comment buffer
  latencystats: add check for string overflow
  telemetry: check for path overflow
  efd: handle possible name truncation
  eal: use C library to parse filesystem table
  eal: warn if thread name is truncated
  eal: avoid format overflow when handling addresses
  eal: limit maximum runtime directory and socket paths
  eal: check for hugefile path overflow
  eal: check tailq length
  eal: handle long shared library path
  ethdev: avoid possible overflow in xstat names
  vhost: check for overflow in xstat name
  cfgfile: add length checks and increase line buffer
  lib: enable format overflow warnings

 app/test/test_hash.c                   |  21 ++++
 doc/guides/rel_notes/release_26_03.rst |  13 +++
 lib/cfgfile/rte_cfgfile.c              |  42 ++++++--
 lib/cfgfile/rte_cfgfile.h              |   6 +-
 lib/eal/common/eal_common_config.c     |   6 +-
 lib/eal/common/eal_common_memory.c     |   3 +-
 lib/eal/common/eal_common_options.c    |  17 ++-
 lib/eal/common/eal_common_proc.c       |  85 +++++++++------
 lib/eal/common/eal_common_tailqs.c     |  13 ++-
 lib/eal/common/eal_filesystem.h        |  27 ++++-
 lib/eal/freebsd/eal.c                  |   6 +-
 lib/eal/linux/eal.c                    |   6 +-
 lib/eal/linux/eal_hugepage_info.c      | 138 ++++++++++---------------
 lib/eal/linux/eal_memalloc.c           |  11 +-
 lib/eal/linux/eal_memory.c             |   9 +-
 lib/eal/windows/eal.c                  |   6 +-
 lib/efd/rte_efd.c                      |  18 +++-
 lib/ethdev/rte_ethdev.c                |  35 +++++--
 lib/graph/graph_pcap.c                 |   9 +-
 lib/hash/rte_cuckoo_hash.c             |  41 +++++---
 lib/hash/rte_fbk_hash.c                |  12 ++-
 lib/hash/rte_fbk_hash.h                |   1 +
 lib/latencystats/rte_latencystats.c    |   9 +-
 lib/lpm/rte_lpm.c                      |  17 ++-
 lib/lpm/rte_lpm.h                      |   1 +
 lib/meson.build                        |   4 -
 lib/telemetry/telemetry_legacy.c       |   7 +-
 lib/vhost/vhost.c                      |  14 ++-
 28 files changed, 377 insertions(+), 200 deletions(-)

-- 
2.51.0