16/02/2026 22:38, Stephen Hemminger:
> The pcapng file format uses a 16-bit length field in the option
> TLV (Type-Length-Value) encoding, limiting strings to UINT16_MAX
> bytes.
>
> Add validation for string arguments to prevent silent truncation
> or buffer issues when callers pass excessively long strings.
GCC warns on a remaining issue:
In function 'pcapng_add_option',
inlined from 'rte_pcapng_write_stats' at
../../dpdk/lib/pcapng/rte_pcapng.c:376:9:
../../dpdk/lib/pcapng/rte_pcapng.c:136:17: error: 'memcpy' forming offset
[2048, 65552] is out of the bounds [0, 2048] of object 'buf' with type
'uint32_t[512]' {aka 'unsigned int[512]'} [-Werror=array-bounds=]
136 | memcpy(popt->data, data, len);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../../dpdk/lib/pcapng/rte_pcapng.c: In function 'rte_pcapng_write_stats':
../../dpdk/lib/pcapng/rte_pcapng.c:346:18: note: 'buf' declared here
346 | uint32_t buf[PCAPNG_BLKSIZ];
| ^~~
I have to do this change:
if (comment)
opt = pcapng_add_option(opt, PCAPNG_OPT_COMMENT,
- comment, strlen(comment));
+ comment, strnlen(comment,
PCAPNG_STR_MAX));
I'm not sure to understand why it fixes the problem on the buffer of size 2048,
but it works.
