diff mbox series

ipsec: packet with null encryption can cause a segfault

Message ID	20190625182644.8401-1-konstantin.ananyev@intel.com (mailing list archive)
State	Accepted, archived
Delegated to:	akhil goyal
Headers	From: Konstantin Ananyev <konstantin.ananyev@intel.com> To: dev@dpdk.org Cc: akhil.goyal@nxp.com, Konstantin Ananyev <konstantin.ananyev@intel.com> Date: Tue, 25 Jun 2019 19:26:44 +0100 Message-Id: <20190625182644.8401-1-konstantin.ananyev@intel.com> Subject: [dpdk-dev] [PATCH] ipsec: packet with null encryption can cause a segfault Precedence: list Errors-To: dev-bounces@dpdk.org Sender: "dev" <dev-bounces@dpdk.org>
Series	ipsec: packet with null encryption can cause a segfault \| ipsec: packet with null encryption can cause a segfault

Checks

Context	Check	Description
ci/checkpatch	success	coding style OK
ci/Intel-compilation	fail	Compilation issues
ci/intel-Performance-Testing	success	Performance Testing PASS
ci/mellanox-Performance-Testing	success	Performance Testing PASS

Commit Message

Ananyev, Konstantin June 25, 2019, 6:26 p.m. UTC

  mbuf_get_seg_ofs() doesn't handle the case when requested offset
equals to packet length. Though it is a valid situation for
algorithms with no ICV data (IPsec with null encryption as an example).

Fixes: 12a0423236a9 ("ipsec: support multi-segment packets")

Signed-off-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
---
 lib/librte_ipsec/misc.h | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

Comments

Akhil Goyal June 26, 2019, 7:35 a.m. UTC | #1

> 
> mbuf_get_seg_ofs() doesn't handle the case when requested offset
> equals to packet length. Though it is a valid situation for
> algorithms with no ICV data (IPsec with null encryption as an example).
> 
> Fixes: 12a0423236a9 ("ipsec: support multi-segment packets")
> 
> Signed-off-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
> ---
Applied.

Squashed with the original commit.

Thanks.

diff mbox series

Patch

diff --git a/lib/librte_ipsec/misc.h b/lib/librte_ipsec/misc.h
index b0cafef4e..fe4641bfc 100644
--- a/lib/librte_ipsec/misc.h
+++ b/lib/librte_ipsec/misc.h
@@ -46,16 +46,22 @@  move_bad_mbufs(struct rte_mbuf *mb[], const uint32_t bad_idx[], uint32_t nb_mb,
 static inline struct rte_mbuf *
 mbuf_get_seg_ofs(struct rte_mbuf *mb, uint32_t *ofs)
 {
-	uint32_t k, n;
+	uint32_t k, n, plen;
 	struct rte_mbuf *ms;
 
-	ms = mb;
+	plen = mb->pkt_len;
 	n = *ofs;
 
-	for (k = rte_pktmbuf_data_len(ms); n >= k;
-			k = rte_pktmbuf_data_len(ms)) {
-		ms = ms->next;
-		n -= k;
+	if (n == plen) {
+		ms = rte_pktmbuf_lastseg(mb);
+		n = n + rte_pktmbuf_data_len(ms) - plen;
+	} else {
+		ms = mb;
+		for (k = rte_pktmbuf_data_len(ms); n >= k;
+				k = rte_pktmbuf_data_len(ms)) {
+			ms = ms->next;
+			n -= k;
+		}
 	}
 
 	*ofs = n;