[dpdk-dev] [PATCH v1] metrics: fix potential missing NULL termination
Bruce Richardson
bruce.richardson at intel.com
Tue Feb 20 16:11:13 CET 2018
On Tue, Feb 20, 2018 at 02:50:01PM +0000, Remy Horton wrote:
> Fixes a potential memory overrun detected by Coverity.
> This overrun cannot currently happen in practice because
> rte_metrics_reg_names() explicitly forces the last name
> character to be a NULL terminator. This patch adds the
> same enforcement to rte_metrics_get_names() in order to
> correct the warning.
>
> Coverity issue: 143434
> Fixes: 349950ddb9c5 ("metrics: add information metrics library")
>
> Signed-off-by: Remy Horton <remy.horton at intel.com>
> ---
> lib/librte_metrics/rte_metrics.c | 7 ++++++-
> 1 file changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/lib/librte_metrics/rte_metrics.c b/lib/librte_metrics/rte_metrics.c
> index 556ae1b..958ef3d 100644
> --- a/lib/librte_metrics/rte_metrics.c
> +++ b/lib/librte_metrics/rte_metrics.c
> @@ -214,10 +214,15 @@ rte_metrics_get_names(struct rte_metric_name *names,
> rte_spinlock_unlock(&stats->lock);
> return return_value;
> }
> - for (idx_name = 0; idx_name < stats->cnt_stats; idx_name++)
> + for (idx_name = 0; idx_name < stats->cnt_stats; idx_name++) {
> strncpy(names[idx_name].name,
> stats->metadata[idx_name].name,
> RTE_METRICS_MAX_NAME_LEN);
> + /* Enforce NULL-termination. The source string should already
> + * be NULL-terminated, so this is to quieten lint checks..
> + */
> + names[idx_name].name[RTE_METRICS_MAX_NAME_LEN - 1] = '\0';
> + }
> }
Again, I think the better fix is to replace strncpy with snprintf which
will guarantee the null termination, unlike strncpy which is nasty that
way.
/Bruce
More information about the dev
mailing list