net/ice: improve input checks in raw pattern parsing

Replace strlen with more secure strnlen in ice_hash_parse_raw_pattern, and verify measured length matches reported length. Signed-off-by: Vladimir Medvedkin <vladimir.medvedkin@intel.com> Acked-by: Bruce Richardson <bruce.richardson@intel.com>
DPDK · Jul 22, 2024 · a7c1387 · a7c1387
1 parent 8044e1d
commit a7c1387
Showing 1 changed file with 7 additions and 4 deletions.
diff --git a/drivers/net/ice/ice_hash.c b/drivers/net/ice/ice_hash.c
@@ -658,10 +658,13 @@ ice_hash_parse_raw_pattern(struct ice_adapter *ad,
 	raw_spec = item->spec;
 	raw_mask = item->mask;
 
-	spec_len = strlen((char *)(uintptr_t)raw_spec->pattern);
-	if (strlen((char *)(uintptr_t)raw_mask->pattern) !=
-		spec_len)
-		return -rte_errno;
+	spec_len = strnlen((char *)(uintptr_t)raw_spec->pattern,
+		raw_spec->length + 1);
+	if (spec_len != raw_spec->length)
+		return -EINVAL;
+	if (strnlen((char *)(uintptr_t)raw_mask->pattern, raw_spec->length + 1) !=
+			spec_len)
+		return -EINVAL;
 
 	pkt_len = spec_len / 2;