Tighten parsing of the dmadev telemetry device and vchan parameters:
reject non-numeric and out-of-range ids through a bounded helper rather
than narrowing strtoul()'s result to int and leaning on the downstream
int16_t/uint16_t API to revalidate. This also drops the thread-unsafe
strtok() in the stats handler.
Fixes: 39b5ab60df30 ("dmadev: add telemetry")
Cc: [email protected]
Signed-off-by: Stephen Hemminger <[email protected]>
---
lib/dmadev/rte_dmadev.c | 44 ++++++++++++++++++++++++++++-------------
1 file changed, 30 insertions(+), 14 deletions(-)
diff --git a/lib/dmadev/rte_dmadev.c b/lib/dmadev/rte_dmadev.c
index b75b4f9bd1..822bb7c89f 100644
--- a/lib/dmadev/rte_dmadev.c
+++ b/lib/dmadev/rte_dmadev.c
@@ -4,6 +4,7 @@
*/
#include <ctype.h>
+#include <errno.h>
#include <inttypes.h>
#include <stdlib.h>
@@ -1157,6 +1158,25 @@ dmadev_handle_dev_list(const char *cmd __rte_unused,
return 0;
}
+/* Parse an unsigned integer telemetry parameter, returning the value or
+ * -EINVAL. 'max' must be <= INT_MAX.
+ */
+static int
+dmadev_parse_uint(const char *str, char **end, unsigned long max)
+{
+ unsigned long val;
+
+ if (str == NULL || !isdigit((unsigned char)*str))
+ return -EINVAL;
+
+ errno = 0;
+ val = strtoul(str, end, 0);
+ if (errno != 0 || val > max)
+ return -EINVAL;
+
+ return (int)val;
+}
+
#define ADD_CAPA(td, dc, c) rte_tel_data_add_dict_int(td,
dma_capability_name(c), !!(dc & c))
static int
@@ -1169,10 +1189,9 @@ dmadev_handle_dev_info(const char *cmd __rte_unused,
uint64_t dev_capa;
char *end_param;
- if (params == NULL || strlen(params) == 0 || !isdigit(*params))
+ dev_id = dmadev_parse_uint(params, &end_param, INT16_MAX);
+ if (dev_id < 0)
return -EINVAL;
-
- dev_id = strtoul(params, &end_param, 0);
if (*end_param != '\0')
RTE_DMA_LOG(WARNING, "Extra parameters passed to dmadev
telemetry command, ignoring");
@@ -1227,13 +1246,11 @@ dmadev_handle_dev_stats(const char *cmd __rte_unused,
struct rte_dma_stats dma_stats;
int dev_id, ret, vchan_id;
char *end_param;
- const char *vchan_param;
- if (params == NULL || strlen(params) == 0 || !isdigit(*params))
+ dev_id = dmadev_parse_uint(params, &end_param, INT16_MAX);
+ if (dev_id < 0)
return -EINVAL;
- dev_id = strtoul(params, &end_param, 0);
-
/* Function info_get validates dev_id so we don't need to. */
ret = rte_dma_info_get(dev_id, &dma_info);
if (ret < 0)
@@ -1245,11 +1262,11 @@ dmadev_handle_dev_stats(const char *cmd __rte_unused,
if (dma_info.nb_vchans == 1 && *end_param == '\0')
vchan_id = 0;
else {
- vchan_param = strtok(end_param, ",");
- if (!vchan_param || strlen(vchan_param) == 0 ||
!isdigit(*vchan_param))
+ if (*end_param != ',')
+ return -EINVAL;
+ vchan_id = dmadev_parse_uint(end_param + 1, &end_param,
UINT16_MAX);
+ if (vchan_id < 0)
return -EINVAL;
-
- vchan_id = strtoul(vchan_param, &end_param, 0);
}
if (*end_param != '\0')
RTE_DMA_LOG(WARNING, "Extra parameters passed to dmadev
telemetry command, ignoring");
@@ -1276,10 +1293,9 @@ dmadev_handle_dev_dump(const char *cmd __rte_unused,
int dev_id, ret;
FILE *f;
- if (params == NULL || strlen(params) == 0 || !isdigit(*params))
+ dev_id = dmadev_parse_uint(params, &end_param, INT16_MAX);
+ if (dev_id < 0)
return -EINVAL;
-
- dev_id = strtoul(params, &end_param, 0);
if (*end_param != '\0')
RTE_DMA_LOG(WARNING, "Extra parameters passed to dmadev
telemetry command, ignoring");
--
2.53.0
