From: David Gibson <david@gibson.dropbear.id.au>
To: Stefano Brivio <sbrivio@redhat.com>, passt-dev@passt.top
Cc: David Gibson <david@gibson.dropbear.id.au>
Subject: [PATCH v2 10/12] packet: Move packet length checks into packet_check_range()
Date: Fri, 20 Dec 2024 19:35:33 +1100 [thread overview]
Message-ID: <20241220083535.1372523-11-david@gibson.dropbear.id.au> (raw)
In-Reply-To: <20241220083535.1372523-1-david@gibson.dropbear.id.au>
Both packet_add_do() and packet_get_do() have a check on the given length,
essentially sanity checking it before validating that it's in an expected
memory region. This can be folded into packet_check_range() which performs
similar checks for both functions.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
---
packet.c | 11 ++++-------
1 file changed, 4 insertions(+), 7 deletions(-)
diff --git a/packet.c b/packet.c
index 24f12448..9e0e6555 100644
--- a/packet.c
+++ b/packet.c
@@ -37,6 +37,10 @@ static void packet_check_range(const struct pool *p,
const char *ptr, size_t len,
const char *func, int line)
{
+ ASSERT_WITH_MSG(len <= PACKET_MAX_LEN,
+ "packet_check_range length %zu (max %zu), %s:%i",
+ len, PACKET_MAX_LEN, func, line);
+
if (p->buf_size == 0) {
vu_packet_check_range((void *)p->buf, ptr, len, func, line);
return;
@@ -72,10 +76,6 @@ void packet_add_do(struct pool *p, size_t len, const char *start,
packet_check_range(p, start, len, func, line);
- ASSERT_WITH_MSG(len <= PACKET_MAX_LEN,
- "add packet length %zu (max %zu), %s:%i",
- len, PACKET_MAX_LEN, func, line);
-
p->pkt[idx].iov_base = (void *)start;
p->pkt[idx].iov_len = len;
@@ -102,9 +102,6 @@ void *packet_get_do(const struct pool *p, size_t idx, size_t offset,
ASSERT_WITH_MSG(idx < p->size && idx < p->count,
"packet %zu from pool size: %zu, count: %zu, %s:%i",
idx, p->size, p->count, func, line);
- ASSERT_WITH_MSG(len <= PACKET_MAX_LEN,
- "packet range length %zu (max %zu), %s:%i",
- len, PACKET_MAX_LEN, func, line);
if (len + offset > p->pkt[idx].iov_len) {
trace("data length %zu, offset %zu from length %zu, %s:%i",
--
@@ -37,6 +37,10 @@ static void packet_check_range(const struct pool *p,
const char *ptr, size_t len,
const char *func, int line)
{
+ ASSERT_WITH_MSG(len <= PACKET_MAX_LEN,
+ "packet_check_range length %zu (max %zu), %s:%i",
+ len, PACKET_MAX_LEN, func, line);
+
if (p->buf_size == 0) {
vu_packet_check_range((void *)p->buf, ptr, len, func, line);
return;
@@ -72,10 +76,6 @@ void packet_add_do(struct pool *p, size_t len, const char *start,
packet_check_range(p, start, len, func, line);
- ASSERT_WITH_MSG(len <= PACKET_MAX_LEN,
- "add packet length %zu (max %zu), %s:%i",
- len, PACKET_MAX_LEN, func, line);
-
p->pkt[idx].iov_base = (void *)start;
p->pkt[idx].iov_len = len;
@@ -102,9 +102,6 @@ void *packet_get_do(const struct pool *p, size_t idx, size_t offset,
ASSERT_WITH_MSG(idx < p->size && idx < p->count,
"packet %zu from pool size: %zu, count: %zu, %s:%i",
idx, p->size, p->count, func, line);
- ASSERT_WITH_MSG(len <= PACKET_MAX_LEN,
- "packet range length %zu (max %zu), %s:%i",
- len, PACKET_MAX_LEN, func, line);
if (len + offset > p->pkt[idx].iov_len) {
trace("data length %zu, offset %zu from length %zu, %s:%i",
--
2.47.1
next prev parent reply other threads:[~2024-12-20 8:58 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-12-20 8:35 [PATCH v2 00/12] Cleanups to packet pool handling and sizing David Gibson
2024-12-20 8:35 ` [PATCH v2 01/12] test focus David Gibson
2024-12-20 8:35 ` [PATCH v2 02/12] hack: stop on fail, but not perf fail David Gibson
2024-12-20 8:35 ` [PATCH v2 03/12] make passt dumpable David Gibson
2024-12-20 8:35 ` [PATCH v2 04/12] packet: Use flexible array member in struct pool David Gibson
2024-12-20 8:35 ` [PATCH v2 05/12] packet: Don't pass start and offset separately too packet_check_range() David Gibson
2024-12-20 8:35 ` [PATCH v2 06/12] packet: Don't hard code maximum packet size to UINT16_MAX David Gibson
2024-12-20 8:35 ` [PATCH v2 07/12] packet: Remove unhelpful packet_get_try() macro David Gibson
2024-12-20 8:35 ` [PATCH v2 08/12] util: Add abort_with_msg() and ASSERT_WITH_MSG() helpers David Gibson
2024-12-20 8:35 ` [PATCH v2 09/12] packet: Distinguish severities of different packet_{add,git}_do() errors David Gibson
2024-12-20 8:35 ` David Gibson [this message]
2024-12-20 8:35 ` [PATCH v2 11/12] tap: Don't size pool_tap[46] for the maximum number of packets David Gibson
2024-12-20 8:35 ` [PATCH v2 12/12] packet: More cautious checks to avoid pointer arithmetic UB David Gibson
2024-12-20 9:00 ` [PATCH v2 00/12] Cleanups to packet pool handling and sizing David Gibson
2024-12-20 10:06 ` Stefano Brivio
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20241220083535.1372523-11-david@gibson.dropbear.id.au \
--to=david@gibson.dropbear.id.au \
--cc=passt-dev@passt.top \
--cc=sbrivio@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://passt.top/passt
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for IMAP folder(s).