[RFC,1/2] mbuf: add a sanity check on segment metadata
Checks
Commit Message
Add some basic check on the segments offset and length metadata:
always funny to have a < 0 tailroom cast to uint16_t ;-).
Signed-off-by: David Marchand <david.marchand@6wind.com>
---
lib/librte_mbuf/rte_mbuf.c | 2 ++
1 file changed, 2 insertions(+)
Comments
Hi David,
On Mon, Aug 13, 2018 at 06:03:45PM +0200, David Marchand wrote:
> Add some basic check on the segments offset and length metadata:
> always funny to have a < 0 tailroom cast to uint16_t ;-).
>
> Signed-off-by: David Marchand <david.marchand@6wind.com>
> ---
> lib/librte_mbuf/rte_mbuf.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/lib/librte_mbuf/rte_mbuf.c b/lib/librte_mbuf/rte_mbuf.c
> index e714c5a..7eeef12 100644
> --- a/lib/librte_mbuf/rte_mbuf.c
> +++ b/lib/librte_mbuf/rte_mbuf.c
> @@ -200,6 +200,8 @@ rte_mbuf_sanity_check(const struct rte_mbuf *m, int is_header)
> pkt_len = m->pkt_len;
>
> do {
> + if (m->data_off + m->data_len > m->buf_len)
> + rte_panic("bad segment metadata\n");
What about spliting the test into two? This would help to clarify
the error messages. I also suggest add casts to uint32 to ensure
that there is no overflow.
if (m->data_off_len > m->buf_len)
rte_panic("data offset too big in mbuf segment\n");
if ((uint32_t)m->data_off + (uint32_t)m->data_len > (uint32_t)m->buf_len)
rte_panic("data length too big in mbuf segment\n");
On Thu, Aug 23, 2018 at 9:39 AM, Olivier Matz <olivier.matz@6wind.com> wrote:
> On Mon, Aug 13, 2018 at 06:03:45PM +0200, David Marchand wrote:
>> Add some basic check on the segments offset and length metadata:
>> always funny to have a < 0 tailroom cast to uint16_t ;-).
>>
>> Signed-off-by: David Marchand <david.marchand@6wind.com>
>> ---
>> lib/librte_mbuf/rte_mbuf.c | 2 ++
>> 1 file changed, 2 insertions(+)
>>
>> diff --git a/lib/librte_mbuf/rte_mbuf.c b/lib/librte_mbuf/rte_mbuf.c
>> index e714c5a..7eeef12 100644
>> --- a/lib/librte_mbuf/rte_mbuf.c
>> +++ b/lib/librte_mbuf/rte_mbuf.c
>> @@ -200,6 +200,8 @@ rte_mbuf_sanity_check(const struct rte_mbuf *m, int is_header)
>> pkt_len = m->pkt_len;
>>
>> do {
>> + if (m->data_off + m->data_len > m->buf_len)
>> + rte_panic("bad segment metadata\n");
>
> What about spliting the test into two? This would help to clarify
> the error messages. I also suggest add casts to uint32 to ensure
> that there is no overflow.
Sure, will do.
@@ -200,6 +200,8 @@ rte_mbuf_sanity_check(const struct rte_mbuf *m, int is_header)
pkt_len = m->pkt_len;
do {
+ if (m->data_off + m->data_len > m->buf_len)
+ rte_panic("bad segment metadata\n");
nb_segs -= 1;
pkt_len -= m->data_len;
} while ((m = m->next) != NULL);