From patchwork Wed Aug 3 09:25:37 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Satheesh Paul Antonysamy X-Patchwork-Id: 114560 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 718F4A0545; Wed, 3 Aug 2022 11:25:48 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 59C6240A7E; Wed, 3 Aug 2022 11:25:47 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id 7FC9640141; Wed, 3 Aug 2022 11:25:45 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 2732fR93020978; Wed, 3 Aug 2022 02:25:44 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=HPTMOjzZxyG1Q/0vW8Zbarl5SxYpH5LgnNNRmzST78A=; b=Zr0qKFJGiVWZ6YLGiC5yTCwNWnp6xL6Hz94f43I0g9g9xThxJpc3w4Xnc9UQC0c3AqE2 Zm/VsD6TEovwsoHGyoopa4znhuW7TbLy8CFzrEinmjOY6mlli3CnYnL4p18lSrUMbI6O b4xaXRk9MY+biy9o3ZBYxOI2ZgLcHp0lQAJSm5x7MsyBDM7+8UPyRARP8W78asI/Fx+G QK1s8OkoUt7wBQIZeGLHgPX9IGfKzsEaLkxh7amxHCXdnKOHzvrW+tKGEQk1UqTeCxqz p+UvyCe4MsqW0Do6BnSbkSsC2mmXaRwqlcM4WcrJFiXs3BlNQPZyeyMI9t2JSHPGO97x Uw== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3hqgf1s77k-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Wed, 03 Aug 2022 02:25:44 -0700 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18; Wed, 3 Aug 2022 02:25:42 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend Transport; Wed, 3 Aug 2022 02:25:42 -0700 Received: from satheeshpaullabpc.. (unknown [10.28.34.33]) by maili.marvell.com (Postfix) with ESMTP id 00A163F7052; Wed, 3 Aug 2022 02:25:40 -0700 (PDT) From: To: Radu Nicolau , Akhil Goyal CC: , Satheesh Paul , Subject: [dpdk-dev] [PATCH] examples/ipsec-secgw: fix flow pattern buffer overrun Date: Wed, 3 Aug 2022 14:55:37 +0530 Message-ID: <20220803092537.2205277-1-psatheesh@marvell.com> X-Mailer: git-send-email 2.35.3 MIME-Version: 1.0 X-Proofpoint-GUID: yWx3lSgOrxJJOmoiVjnWu4Tu771MSolw X-Proofpoint-ORIG-GUID: yWx3lSgOrxJJOmoiVjnWu4Tu771MSolw X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.883,Hydra:6.0.517,FMLib:17.11.122.1 definitions=2022-08-03_03,2022-08-02_01,2022-06-22_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org From: Satheesh Paul This patch fixes the patterns buffer overrun issue reported by Coverity. Coverity issue: 379236 Fixes: 8d0cdaa2d7 ("examples/ipsec-secgw: support mark and security flow action") Cc: stable@dpdk.org Signed-off-by: Satheesh Paul Reviewed-by: Akhil Goyal --- examples/ipsec-secgw/flow.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/examples/ipsec-secgw/flow.c b/examples/ipsec-secgw/flow.c index aee97b2fc4..9b18be83af 100644 --- a/examples/ipsec-secgw/flow.c +++ b/examples/ipsec-secgw/flow.c @@ -270,7 +270,7 @@ parse_flow_tokens(char **tokens, uint32_t n_tokens, nb_flow_rule++; } -#define MAX_RTE_FLOW_PATTERN (4) +#define MAX_RTE_FLOW_PATTERN (5) #define MAX_RTE_FLOW_ACTIONS (5) static void @@ -334,9 +334,7 @@ flow_init_single(struct flow_rule_entry *rule) pattern[pattern_idx].spec = &rule->ipv4.spec; pattern[pattern_idx].mask = &rule->ipv4.mask; pattern_idx++; - } - - if (rule->is_ipv6) { + } else if (rule->is_ipv6) { pattern[pattern_idx].type = RTE_FLOW_ITEM_TYPE_IPV6; pattern[pattern_idx].spec = &rule->ipv6.spec; pattern[pattern_idx].mask = &rule->ipv6.mask;