https://bugs.dpdk.org/show_bug.cgi?id=1791
Bug ID: 1791
Summary: cnxk driver reference past requested xstat array
Product: DPDK
Version: 25.07
Hardware: All
OS: All
Status: UNCONFIRMED
Severity: normal
Priority: Normal
Component: ethdev
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: ---
Because the cnxk driver ignores the limit arguement in some functions such as
xstat_names_get(). If the application asks for only some of the values in the
xstats then an out of bounds reference is possible.
Something like:
struct rte_esth_xstat_name names[20];
rte_eth_xstat_get_names(port_id, names, 20);
will cause out of bound array reference down here:
int
roc_nix_xstats_names_get(struct roc_nix *roc_nix,
struct roc_nix_xstat_name *xstats_names,
unsigned int limit)
{
struct nix *nix = roc_nix_to_nix_priv(roc_nix);
struct idev_cfg *idev = idev_get_cfg();
uint64_t i, count = 0;
PLT_SET_USED(limit);
for (i = 0; i < CNXK_NIX_NUM_TX_XSTATS; i++) {
NIX_XSTATS_NAME_PRINT(xstats_names, count, nix_tx_xstats, i);
count++;
}
--
You are receiving this mail because:
You are the assignee for the bug.
