Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/28986/?format=api
http://patches.dpdk.org/api/patches/28986/?format=api", "web_url": "http://patches.dpdk.org/project/dpdk/patch/20170920091917.3929-1-danielx.t.mrzyglod@intel.com/", "project": { "id": 1, "url": "http://patches.dpdk.org/api/projects/1/?format=api", "name": "DPDK", "link_name": "dpdk", "list_id": "dev.dpdk.org", "list_email": "dev@dpdk.org", "web_url": "http://core.dpdk.org", "scm_url": "git://dpdk.org/dpdk", "webscm_url": "http://git.dpdk.org/dpdk", "list_archive_url": "https://inbox.dpdk.org/dev", "list_archive_url_format": "https://inbox.dpdk.org/dev/{}", "commit_url_format": "" }, "msgid": "<20170920091917.3929-1-danielx.t.mrzyglod@intel.com>", "list_archive_url": "https://inbox.dpdk.org/dev/20170920091917.3929-1-danielx.t.mrzyglod@intel.com", "date": "2017-09-20T09:19:17", "name": "[dpdk-dev] net/virtio: fix of untrusted scalar value", "commit_ref": null, "pull_url": null, "state": "superseded", "archived": true, "hash": "2eb55e19070d8929ccffa6c0daaf48819ab05ac1", "submitter": { "id": 23, "url": "http://patches.dpdk.org/api/people/23/?format=api", "name": "Daniel Mrzyglod", "email": "danielx.t.mrzyglod@intel.com" }, "delegate": null, "mbox": "http://patches.dpdk.org/project/dpdk/patch/20170920091917.3929-1-danielx.t.mrzyglod@intel.com/mbox/", "series": [], "comments": "http://patches.dpdk.org/api/patches/28986/comments/", "check": "fail", "checks": "http://patches.dpdk.org/api/patches/28986/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<dev-bounces@dpdk.org>", "X-Original-To": "patchwork@dpdk.org", "Delivered-To": "patchwork@dpdk.org", "Received": [ "from [92.243.14.124] (localhost [127.0.0.1])\n\tby dpdk.org (Postfix) with ESMTP id 03C027D4E;\n\tWed, 20 Sep 2017 11:24:03 +0200 (CEST)", "from mga07.intel.com (mga07.intel.com [134.134.136.100])\n\tby dpdk.org (Postfix) with ESMTP id C8E7B7D4E\n\tfor <dev@dpdk.org>; Wed, 20 Sep 2017 11:24:01 +0200 (CEST)", "from orsmga001.jf.intel.com ([10.7.209.18])\n\tby orsmga105.jf.intel.com with ESMTP; 20 Sep 2017 02:24:00 -0700", "from unknown (HELO Sent) ([10.103.102.81])\n\tby orsmga001.jf.intel.com with SMTP; 20 Sep 2017 02:23:57 -0700", "by Sent (sSMTP sendmail emulation); Wed, 20 Sep 2017 11:19:30 +0200" ], "X-ExtLoop1": "1", "X-IronPort-AV": "E=Sophos; i=\"5.42,420,1500966000\"; d=\"scan'208\";\n\ta=\"1174079458\"", "From": "Daniel Mrzyglod <danielx.t.mrzyglod@intel.com>", "To": "yliu@fridaylinux.org", "Cc": "dev@dpdk.org, Daniel Mrzyglod <danielx.t.mrzyglod@intel.com>,\n\tjianfeng.tan@intel.com", "Date": "Wed, 20 Sep 2017 11:19:17 +0200", "Message-Id": "<20170920091917.3929-1-danielx.t.mrzyglod@intel.com>", "X-Mailer": "git-send-email 2.13.5", "Subject": "[dpdk-dev] [PATCH] net/virtio: fix of untrusted scalar value", "X-BeenThere": "dev@dpdk.org", "X-Mailman-Version": "2.1.15", "Precedence": "list", "List-Id": "DPDK patches and discussions <dev.dpdk.org>", "List-Unsubscribe": "<http://dpdk.org/ml/options/dev>,\n\t<mailto:dev-request@dpdk.org?subject=unsubscribe>", "List-Archive": "<http://dpdk.org/ml/archives/dev/>", "List-Post": "<mailto:dev@dpdk.org>", "List-Help": "<mailto:dev-request@dpdk.org?subject=help>", "List-Subscribe": "<http://dpdk.org/ml/listinfo/dev>,\n\t<mailto:dev-request@dpdk.org?subject=subscribe>", "Errors-To": "dev-bounces@dpdk.org", "Sender": "\"dev\" <dev-bounces@dpdk.org>" }, "content": "The unscrutinized value may be incorrectly assumed to be within a certain\nrange by later operations.\n\nIn vhost_user_read: An unscrutinized value from an untrusted source used\nin a trusted context - the value of sz_payload may be harmfull and we need\nlimit them to the max value of payload.\n\nFixes: 6a84c37e3975 (\"net/virtio-user: add vhost-user adapter layer\")\nCc: jianfeng.tan@intel.com\n\nSigned-off-by: Daniel Mrzyglod <danielx.t.mrzyglod@intel.com>\n---\n drivers/net/virtio/virtio_user/vhost_user.c | 4 ++++\n 1 file changed, 4 insertions(+)", "diff": "diff --git a/drivers/net/virtio/virtio_user/vhost_user.c b/drivers/net/virtio/virtio_user/vhost_user.c\nindex 4ad7b21..b490336 100644\n--- a/drivers/net/virtio/virtio_user/vhost_user.c\n+++ b/drivers/net/virtio/virtio_user/vhost_user.c\n@@ -130,6 +130,10 @@ vhost_user_read(int fd, struct vhost_user_msg *msg)\n \t}\n \n \tsz_payload = msg->size;\n+\n+\tif (sz_payload > sizeof(msg->payload))\n+\t\tgoto fail;\n+\n \tif (sz_payload) {\n \t\tret = recv(fd, (void *)((char *)msg + sz_hdr), sz_payload, 0);\n \t\tif (ret < sz_payload) {\n", "prefixes": [ "dpdk-dev" ] }{ "id": 28986, "url": "