On Wed, 30 Jul 2025 14:32:43 +0300
Maayan Kashani <mkash...@nvidia.com> wrote:
> A previous patch addressing an ASAN global-buffer-overflow issue
> inadvertently degraded the random mask value translation.
> Specifically, changing the mask from 0xffff to 0x0000ffff caused
> the value to be shifted left by 16 bits, since Testpmd
> defines arg::mask as a byte array.
>
> Independent of the ASAN fix, the random item mask specification
> was invalid at the API level: random items require a 32-bit mask,
> but only a 16-bit mask was being used.
>
> The correct mask for this use case is 0xffffffff.
> This fix restores the correct random value translation
> by applying the proper 32-bit mask and
> addresses the original ASAN issue.
>
> Fixes: 9a18070e3fe4 ("app/testpmd: fix flow random item token")
> Cc: sta...@dpdk.org
>
> Signed-off-by: Maayan Kashani <mkash...@nvidia.com>
> Acked-by: Dariusz Sosnowski <dsosnow...@nvidia.com>
> ---
> app/test-pmd/cmdline_flow.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/app/test-pmd/cmdline_flow.c b/app/test-pmd/cmdline_flow.c
> index 83d398f8eea..38e751f3f3c 100644
> --- a/app/test-pmd/cmdline_flow.c
> +++ b/app/test-pmd/cmdline_flow.c
> @@ -5591,7 +5591,7 @@ static const struct token token_list[] = {
> .next = NEXT(item_random, NEXT_ENTRY(COMMON_UNSIGNED),
> item_param),
> .args = ARGS(ARGS_ENTRY_MASK(struct rte_flow_item_random,
> - value, "\x00\x00\xff\xff")),
> + value, "\xff\xff\xff\xff")),
> },
> [ITEM_GRE_KEY] = {
> .name = "gre_key",
Applied to next-net
Using initialized strings as proxy for a byte array has lead to overflow
bugs and warnings on some compilers. Perhaps this might cause problems later.
