[dpdk-dev] [PATCH 06/10] lib/librte_pipeline: fix the use of unsafe strcpy

Dumitrescu, Cristian cristian.dumitrescu at intel.com
Mon Jul 3 12:57:22 CEST 2023



> -----Original Message-----
> From: Stephen Hemminger <stephen at networkplumber.org>
> Sent: Friday, June 30, 2023 7:09 PM
> To: Min Hu (Connor) <humin29 at huawei.com>
> Cc: dev at dpdk.org; ferruh.yigit at intel.com; Dumitrescu, Cristian
> <cristian.dumitrescu at intel.com>; jerinj at marvell.com;
> jianjay.zhou at huawei.com; jia.guo at intel.com; g.singh at nxp.com;
> andrew.rybchenko at oktetlabs.ru; hemant.agrawal at nxp.com; orika at nvidia.com
> Subject: Re: [dpdk-dev] [PATCH 06/10] lib/librte_pipeline: fix the use of unsafe
> strcpy
> 
> On Mon, 19 Apr 2021 21:34:45 +0800
> "Min Hu (Connor)" <humin29 at huawei.com> wrote:
> 
> > From: HongBo Zheng <zhenghongbo3 at huawei.com>
> >
> > 'strcpy' is called in rte_swx_ctl_table_info_get, this function
> > is unsafe, use 'strncpy' instead.
> >
> > Fixes: 393b96e2aa2a ("pipeline: add SWX pipeline query API")
> > Cc: stable at dpdk.org
> >
> > Signed-off-by: HongBo Zheng <zhenghongbo3 at huawei.com>
> > Signed-off-by: Min Hu (Connor) <humin29 at huawei.com>
> > ---
> >  lib/librte_pipeline/rte_swx_pipeline.c | 4 ++--
> >  1 file changed, 2 insertions(+), 2 deletions(-)
> >
> > diff --git a/lib/librte_pipeline/rte_swx_pipeline.c
> b/lib/librte_pipeline/rte_swx_pipeline.c
> > index 4455d91..d4db4dd 100644
> > --- a/lib/librte_pipeline/rte_swx_pipeline.c
> > +++ b/lib/librte_pipeline/rte_swx_pipeline.c
> > @@ -9447,8 +9447,8 @@ rte_swx_ctl_table_info_get(struct rte_swx_pipeline
> *p,
> >  	if (!t)
> >  		return -EINVAL;
> >
> > -	strcpy(table->name, t->name);
> > -	strcpy(table->args, t->args);
> > +	strncpy(table->name, t->name, RTE_SWX_CTL_NAME_SIZE);
> > +	strncpy(table->args, t->args, RTE_SWX_CTL_NAME_SIZE);
> >  	table->n_match_fields = t->n_fields;
> >  	table->n_actions = t->n_actions;
> >  	table->default_action_is_const = t->default_action_is_const;
> 
> This patch is unnecessary.
> Both structures declare the same size for the name and args.
> Therefore the strcpy is always safe as long as the table structure
> is correctly setup with null terminated string. If not there are worse bugs.


+1
Agree with Steve, this is not necessary here.


More information about the dev mailing list