[dpdk-dev] [PATCH] test: fix sprintf with snprintf

Pallantla Poornima pallantlax.poornima at intel.com
Fri Feb 8 14:27:37 CET 2019

Previous message: [dpdk-dev] [PATCH] doc: add cryptodev xform deprecation notice
Next message: [dpdk-dev] [PATCH] test: fix sprintf with snprintf
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

sprintf function is not secure as it doesn't check the length of string.
More secure function snprintf is used.

Fixes: 727909c592 ("app/test: introduce dynamic commands list")
Cc: stable at dpdk.org

Signed-off-by: Pallantla Poornima <pallantlax.poornima at intel.com>
---
 test/test/commands.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/test/test/commands.c b/test/test/commands.c
index 94fbc310e..5aeb35498 100644
--- a/test/test/commands.c
+++ b/test/test/commands.c
@@ -367,6 +367,8 @@ int commands_init(void)
 	struct test_command *t;
 	char *commands, *ptr;
 	int commands_len = 0;
+	int total_written = 0;
+	int count = 0;
 
 	TAILQ_FOREACH(t, &commands_list, next) {
 		commands_len += strlen(t->command) + 1;
@@ -378,7 +380,10 @@ int commands_init(void)
 
 	ptr = commands;
 	TAILQ_FOREACH(t, &commands_list, next) {
-		ptr += sprintf(ptr, "%s#", t->command);
+		count = snprintf(ptr, commands_len - total_written - 1, "%s#",
+				t->command);
+		ptr += count;
+		total_written += count;
 	}
 	ptr--;
 	ptr[0] = '\0';
-- 
2.17.2

Previous message: [dpdk-dev] [PATCH] doc: add cryptodev xform deprecation notice
Next message: [dpdk-dev] [PATCH] test: fix sprintf with snprintf
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list