[3/3] common/sfc_efx/base: enhance field ID check in field set API
Checks
Commit Message
A field ID passed to the API may point to a gap in the array
of field descriptors. Turn down such invocations as improper.
Fixes: 370ed675a952 ("common/sfc_efx/base: support setting PPORT in match spec")
Cc: stable@dpdk.org
Reviewed-by: Andy Moreton <amoreton@xilinx.com>
Reviewed-by: Andrew Rybchenko <andrew.rybchenko@oktetlabs.ru>
Signed-off-by: Ivan Malov <ivan.malov@oktetlabs.ru>
---
drivers/common/sfc_efx/base/efx_mae.c | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
@@ -678,16 +678,22 @@ efx_mae_match_spec_field_set(
goto fail2;
}
- if (value_size != descp->emmd_value_size) {
+ if (descp->emmd_mask_size == 0) {
+ /* The ID points to a gap in the array of field descriptors. */
rc = EINVAL;
goto fail3;
}
- if (mask_size != descp->emmd_mask_size) {
+ if (value_size != descp->emmd_value_size) {
rc = EINVAL;
goto fail4;
}
+ if (mask_size != descp->emmd_mask_size) {
+ rc = EINVAL;
+ goto fail5;
+ }
+
if (descp->emmd_endianness == EFX_MAE_FIELD_BE) {
/*
* The mask/value are in network (big endian) order.
@@ -729,6 +735,8 @@ efx_mae_match_spec_field_set(
return (0);
+fail5:
+ EFSYS_PROBE(fail5);
fail4:
EFSYS_PROBE(fail4);
fail3: