[dpdk-dev] [PATCH 2/3] pdump: fix string overflow
Ferruh Yigit
ferruh.yigit at intel.com
Tue Jun 21 19:14:09 CEST 2016
On 6/21/2016 4:18 PM, Reshma Pattan wrote:
> using source length in strncpy can cause destination
> overflow if destination length is not big enough to
> handle the source string. Changes are made to use destination
> size instead of source length in strncpy.
>
> Cverity issue 127350: string overflow
>
> Fixes: 278f945402c5 ("pdump: add new library for packet capture")
>
> Signed-off-by: Reshma Pattan <reshma.pattan at intel.com>
> ---
> lib/librte_pdump/rte_pdump.c | 9 +++++----
> 1 file changed, 5 insertions(+), 4 deletions(-)
>
> diff --git a/lib/librte_pdump/rte_pdump.c b/lib/librte_pdump/rte_pdump.c
> index dbc6816..05513d6 100644
> --- a/lib/librte_pdump/rte_pdump.c
> +++ b/lib/librte_pdump/rte_pdump.c
> @@ -460,8 +460,7 @@ pdump_get_socket_path(char *buffer, int bufsz, enum rte_pdump_socktype type)
> SOCKET_PATH_HOME, __func__, __LINE__);
> return -1;
> }
> - }
> - else
> + } else
syntax fix may be not belong to this patch
> dir = SOCKET_PATH_VAR_RUN;
> }
>
> @@ -800,13 +799,15 @@ pdump_prepare_client_request(char *device, uint16_t queue,
> req.flags = flags;
> req.op = operation;
> if ((operation & ENABLE) != 0) {
> - strncpy(req.data.en_v1.device, device, strlen(device));
> + strncpy(req.data.en_v1.device, device,
> + sizeof(req.data.en_v1.device)-1);
"-" missing spaces around
More information about the dev
mailing list