git.droids-corp.org - dpdk.git/commit

author	Vladimir Medvedkin <vladimir.medvedkin@intel.com>
	Thu, 21 Oct 2021 17:15:49 +0000 (18:15 +0100)
committer	Thomas Monjalon <thomas@monjalon.net>
	Mon, 25 Oct 2021 17:08:16 +0000 (19:08 +0200)
commit	b16ac536573869ba3afd724947bfa9abbd477f86
tree	8913ab775a7fd18772272ef10fd8e1a367215b5c	tree \| snapshot
parent	45523f494c7b14a9d1066e3def78e9e6e0fd8418	commit \| diff

lpm6: fix buffer overflow

This patch fixes buffer overflow reported by ASAN,
please reference https://bugs.dpdk.org/show_bug.cgi?id=819

The rte_lpm6 keeps routing information for control plane purpose
inside the rte_hash table which uses rte_jhash() as a hash function.
From the rte_jhash() documentation: If input key is not aligned to
four byte boundaries or a multiple of four bytes in length,
the memory region just after may be read (but not used in the
computation).
rte_lpm6 uses 17 bytes keys consisting of IPv6 address (16 bytes) +
depth (1 byte).

This patch increases the size of the depth field up to uint32_t
and sets the alignment to 4 bytes.

Bugzilla ID: 819
Fixes: 86b3b21952a8 ("lpm6: store rules in hash table")
Cc: stable@dpdk.org
Signed-off-by: Vladimir Medvedkin <vladimir.medvedkin@intel.com>
Acked-by: Bruce Richardson <bruce.richardson@intel.com>