[dpdk-dev] [PATCH 06/10] lib/librte_pipeline: fix the use of unsafe strcpy
Andrew Rybchenko
andrew.rybchenko at oktetlabs.ru
Tue Apr 20 11:36:46 CEST 2021
On 4/19/21 4:34 PM, Min Hu (Connor) wrote:
> From: HongBo Zheng <zhenghongbo3 at huawei.com>
>
> 'strcpy' is called in rte_swx_ctl_table_info_get, this function
> is unsafe, use 'strncpy' instead.
>
> Fixes: 393b96e2aa2a ("pipeline: add SWX pipeline query API")
> Cc: stable at dpdk.org
>
> Signed-off-by: HongBo Zheng <zhenghongbo3 at huawei.com>
> Signed-off-by: Min Hu (Connor) <humin29 at huawei.com>
> ---
> lib/librte_pipeline/rte_swx_pipeline.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/lib/librte_pipeline/rte_swx_pipeline.c b/lib/librte_pipeline/rte_swx_pipeline.c
> index 4455d91..d4db4dd 100644
> --- a/lib/librte_pipeline/rte_swx_pipeline.c
> +++ b/lib/librte_pipeline/rte_swx_pipeline.c
> @@ -9447,8 +9447,8 @@ rte_swx_ctl_table_info_get(struct rte_swx_pipeline *p,
> if (!t)
> return -EINVAL;
>
> - strcpy(table->name, t->name);
> - strcpy(table->args, t->args);
> + strncpy(table->name, t->name, RTE_SWX_CTL_NAME_SIZE);
> + strncpy(table->args, t->args, RTE_SWX_CTL_NAME_SIZE);
strlcpy() should be used in fact, since strncpy() has problems
as well.
> table->n_match_fields = t->n_fields;
> table->n_actions = t->n_actions;
> table->default_action_is_const = t->default_action_is_const;
>
More information about the dev
mailing list