[dpdk-dev] [PATCH v3] examples/vhost_scsi: fix buffer not terminated

Maxime Coquelin maxime.coquelin at redhat.com
Fri Oct 13 09:12:33 CEST 2017



On 10/12/2017 01:34 PM, Jacek Piasecki wrote:
> Use snprintf instead strncpy to get safe null string termination.
> There was possible to get not terminated string after strncpy operation.
> 
> Coverity issue: 158631
> Fixes: db75c7af19bb ("examples/vhost_scsi: introduce a new sample app")
> Cc: changpeng.liu at intel.com
> Cc: stable at dpdk.org
> 
> Signed-off-by: Jacek Piasecki <jacekx.piasecki at intel.com>
> ---
>   examples/vhost_scsi/scsi.c | 4 +++-
>   1 file changed, 3 insertions(+), 1 deletion(-)
> 
> diff --git a/examples/vhost_scsi/scsi.c b/examples/vhost_scsi/scsi.c
> index 54d3104..2de3110 100644
> --- a/examples/vhost_scsi/scsi.c
> +++ b/examples/vhost_scsi/scsi.c
> @@ -307,7 +307,9 @@ vhost_bdev_scsi_inquiry_command(struct vhost_block_dev *bdev,
>   		strncpy((char *)inqdata->t10_vendor_id, "INTEL", 8);
>   
>   		/* PRODUCT IDENTIFICATION */
> -		strncpy((char *)inqdata->product_id, bdev->product_name, 16);
> +		snprintf((char *)inqdata->product_id,
> +				ARRAY_SIZE(inqdata->product_id), "%s",
> +				bdev->product_name);
>   
>   		/* PRODUCT REVISION LEVEL */
>   		strncpy((char *)inqdata->product_rev, "0001", 4);
> 

Acked-by: Maxime Coquelin <maxime.coquelin at redhat.com>

Thanks,
Maxime


More information about the dev mailing list