[PATCH] telemetry: avoid truncation of strlcpy return before check

[lihuisong (C)]

在 2023/8/3 5:21, Tyler Retzlaff 写道:
> strlcpy returns type size_t when directly assigning to
> struct rte_tel_data data_len field it may be truncated leading to
> compromised length check that follows
>
> Since the limit in the check is < UINT_MAX the value returned is
> safe to be cast to unsigned int (which may be narrower than size_t)
> but only after being checked against RTE_TEL_MAX_SINGLE_STRING_LEN
>
> Signed-off-by: Tyler Retzlaff <roretzla at linux.microsoft.com>
> ---
>   lib/telemetry/telemetry_data.c | 5 +++--
>   1 file changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/lib/telemetry/telemetry_data.c b/lib/telemetry/telemetry_data.c
> index 3b1a240..52307cb 100644
> --- a/lib/telemetry/telemetry_data.c
> +++ b/lib/telemetry/telemetry_data.c
> @@ -41,12 +41,13 @@
>   int
>   rte_tel_data_string(struct rte_tel_data *d, const char *str)
>   {
> +	const size_t len = strlcpy(d->data.str, str, sizeof(d->data.str));
sizeof(d->data.str) is equal to RTE_TEL_MAX_SINGLE_STRING_LEN(8192).
So It seems that this truncation probably will not happen.
>   	d->type = TEL_STRING;
> -	d->data_len = strlcpy(d->data.str, str, sizeof(d->data.str));
> -	if (d->data_len >= RTE_TEL_MAX_SINGLE_STRING_LEN) {
> +	if (len >= RTE_TEL_MAX_SINGLE_STRING_LEN) {
>   		d->data_len = RTE_TEL_MAX_SINGLE_STRING_LEN - 1;
>   		return E2BIG; /* not necessarily and error, just truncation */
>   	}
> +	d->data_len = (unsigned int)len;
>   	return 0;
>   }
>