ironcore-dev / dpservice

DPDK based fast Dataplane / L3 router / SDN enabler, installable on compute nodes / SmartNICs
Apache License 2.0
7 stars 1 forks source link

Maglev possible buffer overflow and shorter hash computation #540

Closed PlagueCZ closed 5 months ago

PlagueCZ commented 5 months ago

Maglev accesses IPv6 array like a C string in https://github.com/ironcore-dev/dpservice/blob/e9b42722ee8eac8df41113030a404525d361258f/src/dp_maglev.c#L69

This should simply access it as an array of fixed size.

There is a small chance (zero in current production) of an overflow when there is no zero byte in the underlay address.

However this also only computes a hash of a prefix instead of the whole address, as production underlay addresses always contain a zero byte at the start of the suffix (local address).