From: Yunjian Wang <[email protected]>
When an input params'value is '[', leading to the 'str' over read
or heap-buffer-overflow. So we can check the 'ctx1' length to avoid
this problem.
Fixes: cc0579f2339a ("kvargs: support list value")
Cc: [email protected]
Signed-off-by: Yunjian Wang <[email protected]>
---
lib/librte_kvargs/rte_kvargs.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/lib/librte_kvargs/rte_kvargs.c b/lib/librte_kvargs/rte_kvargs.c
index d39332999..a1144b90b 100644
--- a/lib/librte_kvargs/rte_kvargs.c
+++ b/lib/librte_kvargs/rte_kvargs.c
@@ -48,7 +48,8 @@ rte_kvargs_tokenize(struct rte_kvargs *kvlist, const char
*params)
str = kvlist->pairs[i].value;
if (str[0] == '[') {
/* Find the end of the list. */
- while (str[strlen(str) - 1] != ']') {
+ while ((str[strlen(str) - 1] != ']') &&
+ (strlen(ctx1) > 0)) {
/* Restore the comma erased by strtok_r(). */
str[strlen(str)] = ',';
/* Parse until next comma. */
--
2.19.1
