File dpdk-CVE-2022-0669.patch of Package dpdk.32563

Index: dpdk-stable-19.11.4/lib/librte_vhost/vhost_user.c
===================================================================
--- dpdk-stable-19.11.4.orig/lib/librte_vhost/vhost_user.c
+++ dpdk-stable-19.11.4/lib/librte_vhost/vhost_user.c
@@ -1393,6 +1393,9 @@ vhost_user_get_inflight_fd(struct virtio
 	int fd, i, j;
 	void *addr;
 
+	if (validate_msg_fds(msg, 0) != 0)
+		return RTE_VHOST_MSG_RESULT_ERR;
+
 	if (msg->size != sizeof(msg->payload.inflight)) {
 		RTE_LOG(ERR, VHOST_CONFIG,
 			"invalid get_inflight_fd message size is %d\n",
@@ -1486,6 +1489,9 @@ vhost_user_set_inflight_fd(struct virtio
 	void *addr;
 	int fd, i;
 
+	if (validate_msg_fds(msg, 1) != 0)
+		return RTE_VHOST_MSG_RESULT_ERR;
+
 	fd = msg->fds[0];
 	if (msg->size != sizeof(msg->payload.inflight) || fd < 0) {
 		RTE_LOG(ERR, VHOST_CONFIG,
openSUSE Build Service is sponsored by