From: Bruce Richardson <bruce.richardson@intel.com>
To: Stephen Hemminger <stephen@networkplumber.org>
Cc: <dev@dpdk.org>
Subject: Re: [PATCH 0/8] telemetry: thread-safe and bounded parameter parsing
Date: Mon, 8 Jun 2026 08:55:56 +0100 [thread overview]
Message-ID: <aiZ1jB3_MaDP4OTK@bricha3-mobl1.ger.corp.intel.com> (raw)
In-Reply-To: <20260605205253.520196-1-stephen@networkplumber.org>
On Fri, Jun 05, 2026 at 01:50:57PM -0700, Stephen Hemminger wrote:
> While looking into extending telemetry for other uses, I noticed a
> pattern of unsafe string handling in the command handlers. They run one
> thread per client connection but parse parameters with non-reentrant
> strtok(), and convert ids with atoi()/unchecked strtoul() that silently
> truncate or alias out-of-range values; in eth_rx the strtok()
> continuation chain can also dereference freed memory.
>
> This series covers the library code (telemetry, ethdev, dmadev, security,
> eventdev, eth_rx, timer). A follow-up is needed for the same strtok()
> use in drivers.
>
> They are marked for stable: the races and the use-after-free are real and
> the changes are low-risk to backport. But severity is low since telemetry is
> not a remote interface, but these are the kind of issues likely to
> be found by AI security scanning tools.
>
> In future, atoi() and strtok() look worth adding to the forbidden
> tokens list in devtools/checkpatches.sh.
>
> Stephen Hemminger (8):
> telemetry: fix thread-unsafe command parsing
> ethdev: make telemetry parameter parsing thread-safe
> dmadev: validate telemetry parameters
> security: harden telemetry parameter parsing
> eventdev: remove strtok from telemetry handlers
> eventdev/eth_rx: fix thread-unsafe telemetry parsing
> eventdev/eth_rx: reject out-of-range telemetry adapter ID
> eventdev/timer: reject out-of-range ID
>
Series-Acked-by: Bruce Richardson <bruce.richardson@intel.com>
next prev parent reply other threads:[~2026-06-08 7:56 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-05 20:50 [PATCH 0/8] telemetry: thread-safe and bounded parameter parsing Stephen Hemminger
2026-06-05 20:50 ` [PATCH 1/8] telemetry: fix thread-unsafe command parsing Stephen Hemminger
2026-06-08 1:25 ` fengchengwen
2026-06-08 7:49 ` Bruce Richardson
2026-06-05 20:50 ` [PATCH 2/8] ethdev: make telemetry parameter parsing thread-safe Stephen Hemminger
2026-06-08 1:26 ` fengchengwen
2026-06-05 20:51 ` [PATCH 3/8] dmadev: validate telemetry parameters Stephen Hemminger
2026-06-08 1:20 ` fengchengwen
2026-06-05 20:51 ` [PATCH 4/8] security: harden telemetry parameter parsing Stephen Hemminger
2026-06-05 20:51 ` [PATCH 5/8] eventdev: remove strtok from telemetry handlers Stephen Hemminger
2026-06-05 20:51 ` [PATCH 6/8] eventdev/eth_rx: fix thread-unsafe telemetry parsing Stephen Hemminger
2026-06-05 20:51 ` [PATCH 7/8] eventdev/eth_rx: reject out-of-range telemetry adapter ID Stephen Hemminger
2026-06-05 20:51 ` [PATCH 8/8] eventdev/timer: reject out-of-range ID Stephen Hemminger
2026-06-06 6:08 ` [PATCH 0/8] telemetry: thread-safe and bounded parameter parsing Stephen Hemminger
2026-06-08 7:55 ` Bruce Richardson [this message]
2026-06-10 20:42 ` Thomas Monjalon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aiZ1jB3_MaDP4OTK@bricha3-mobl1.ger.corp.intel.com \
--to=bruce.richardson@intel.com \
--cc=dev@dpdk.org \
--cc=stephen@networkplumber.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox