[dpdk-dev] [PATCH] examples/vm_power_manager: buffer not null terminated

Daniel Mrzyglod danielx.t.mrzyglod at intel.com
Tue Apr 12 17:13:06 CEST 2016

Previous message: [dpdk-dev] [PATCH] lpm: fix freeing of rules_tbl in rte_lpm_free_v20
Next message: [dpdk-dev] [PATCH] examples/vm_power_manager: buffer not null terminated
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

CID30691:
If the buffer is treated as a null terminated string in later operations,
a buffer overflow or over-read may occur.

In add_vm: The string buffer may not have a null terminator if the source
string's length is equal to the buffer size

Fixes: e8ae9b662506 ("examples/vm_power: channel manager and monitor in host")

Signed-off-by: Daniel Mrzyglod <danielx.t.mrzyglod at intel.com>
---
 examples/vm_power_manager/channel_manager.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/examples/vm_power_manager/channel_manager.c b/examples/vm_power_manager/channel_manager.c
index 22c2ddd..b9265ce 100644
--- a/examples/vm_power_manager/channel_manager.c
+++ b/examples/vm_power_manager/channel_manager.c
@@ -666,7 +666,8 @@ add_vm(const char *vm_name)
 		rte_free(new_domain);
 		return -1;
 	}
-	strncpy(new_domain->name, vm_name, sizeof(new_domain->name));
+	strncat(new_domain->name, vm_name, sizeof(new_domain->name) -
+			strlen(new_domain->name) - 1);
 	new_domain->channel_mask = 0;
 	new_domain->num_channels = 0;
 
-- 
2.5.5

Previous message: [dpdk-dev] [PATCH] lpm: fix freeing of rules_tbl in rte_lpm_free_v20
Next message: [dpdk-dev] [PATCH] examples/vm_power_manager: buffer not null terminated
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list