[PATCH v2] examples: use strlcpy and strlcat

[Bruce Richardson]

Replace strncpy and other unbounded string functions, e.g. strcpy,
strcat, with the safer alternatives strlcpy and strlcat, so that we can
guarantee null termination of strings.

Fixes: 4bbf8e30aa5e ("examples/ip_pipeline: add CLI interface")
Fixes: 5f657a7fbe86 ("examples/pipeline: add message passing mechanism")
Fixes: 83f58a7b7b0a ("examples/pipeline: add commands for direct registers")
Fixes: 0d547ed03717 ("examples/ipsec-secgw: support configuration file")
Fixes: 63e8c07c7245 ("examples/ipsec-secgw: fix configuration parsing")
Fixes: 41e97c2ea9e6 ("examples/l2fwd-crypto: extend crypto information")
Fixes: e8ae9b662506 ("examples/vm_power: channel manager and monitor in host")
Cc: stable at dpdk.org

Signed-off-by: Bruce Richardson <bruce.richardson at intel.com>
Acked-by: Radu Nicolau <radu.nicolau at intel.com>
---
V2: add string_fns.h header to two pipeline and ip_pipeline examples, to
    fix builds on older distros without a built-in strlcpy fn.
---
 examples/ip_pipeline/conn.c                 |  6 ++++--
 examples/ipsec-secgw/sa.c                   |  4 ++--
 examples/l2fwd-crypto/main.c                | 12 ++++++------
 examples/pipeline/cli.c                     |  4 ++--
 examples/pipeline/conn.c                    |  6 ++++--
 examples/vm_power_manager/channel_manager.c |  3 +--
 6 files changed, 19 insertions(+), 16 deletions(-)

diff --git a/examples/ip_pipeline/conn.c b/examples/ip_pipeline/conn.c
index 30fca80c14..b2406b7af1 100644
--- a/examples/ip_pipeline/conn.c
+++ b/examples/ip_pipeline/conn.c
@@ -15,6 +15,8 @@
 #include <arpa/inet.h>
 #include <errno.h>
 
+#include <rte_string_fns.h>
+
 #include "conn.h"
 
 #define MSG_CMD_TOO_LONG "Command too long."
@@ -115,8 +117,8 @@ conn_init(struct conn_params *p)
 	}
 
 	/* Fill in */
-	strncpy(conn->welcome, p->welcome, CONN_WELCOME_LEN_MAX);
-	strncpy(conn->prompt, p->prompt, CONN_PROMPT_LEN_MAX);
+	strlcpy(conn->welcome, p->welcome, CONN_WELCOME_LEN_MAX + 1);
+	strlcpy(conn->prompt, p->prompt, CONN_PROMPT_LEN_MAX + 1);
 	conn->buf_size = p->buf_size;
 	conn->msg_in_len_max = p->msg_in_len_max;
 	conn->msg_out_len_max = p->msg_out_len_max;
diff --git a/examples/ipsec-secgw/sa.c b/examples/ipsec-secgw/sa.c
index 866ba04b86..b5068765b6 100644
--- a/examples/ipsec-secgw/sa.c
+++ b/examples/ipsec-secgw/sa.c
@@ -338,12 +338,12 @@ parse_key_string(const char *key_str, uint8_t *key)
 		if (pt_end == NULL) {
 			if (strlen(pt_start) > 2)
 				return 0;
-			strncpy(sub_str, pt_start, 2);
+			memcpy(sub_str, pt_start, 2);
 		} else {
 			if (pt_end - pt_start > 2)
 				return 0;
 
-			strncpy(sub_str, pt_start, pt_end - pt_start);
+			memcpy(sub_str, pt_start, pt_end - pt_start);
 			pt_start = pt_end + 1;
 		}
 
diff --git a/examples/l2fwd-crypto/main.c b/examples/l2fwd-crypto/main.c
index ff189b5fab..22ad825c91 100644
--- a/examples/l2fwd-crypto/main.c
+++ b/examples/l2fwd-crypto/main.c
@@ -1576,19 +1576,19 @@ l2fwd_crypto_options_print(struct l2fwd_crypto_options *options)
 	char string_aead_op[MAX_STR_LEN];
 
 	if (options->cipher_xform.cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT)
-		strcpy(string_cipher_op, "Encrypt");
+		strlcpy(string_cipher_op, "Encrypt", sizeof(string_cipher_op));
 	else
-		strcpy(string_cipher_op, "Decrypt");
+		strlcpy(string_cipher_op, "Decrypt", sizeof(string_cipher_op));
 
 	if (options->auth_xform.auth.op == RTE_CRYPTO_AUTH_OP_GENERATE)
-		strcpy(string_auth_op, "Auth generate");
+		strlcpy(string_auth_op, "Auth generate", sizeof(string_auth_op));
 	else
-		strcpy(string_auth_op, "Auth verify");
+		strlcpy(string_auth_op, "Auth verify", sizeof(string_auth_op));
 
 	if (options->aead_xform.aead.op == RTE_CRYPTO_AEAD_OP_ENCRYPT)
-		strcpy(string_aead_op, "Authenticated encryption");
+		strlcpy(string_aead_op, "Authenticated encryption", sizeof(string_aead_op));
 	else
-		strcpy(string_aead_op, "Authenticated decryption");
+		strlcpy(string_aead_op, "Authenticated decryption", sizeof(string_aead_op));
 
 
 	printf("Options:-\nn");
diff --git a/examples/pipeline/cli.c b/examples/pipeline/cli.c
index 215b4061d5..901706fab9 100644
--- a/examples/pipeline/cli.c
+++ b/examples/pipeline/cli.c
@@ -172,9 +172,9 @@ parse_table_entry(struct rte_swx_ctl_pipeline *p,
 	line[0] = 0;
 	for (i = 0; i < n_tokens; i++) {
 		if (i)
-			strcat(line, " ");
+			strlcat(line, " ", MAX_LINE_SIZE);
 
-		strcat(line, tokens[i]);
+		strlcat(line, tokens[i], MAX_LINE_SIZE);
 	}
 
 	/* Read the table entry from the input buffer. */
diff --git a/examples/pipeline/conn.c b/examples/pipeline/conn.c
index e168c4ddaa..5fb033904f 100644
--- a/examples/pipeline/conn.c
+++ b/examples/pipeline/conn.c
@@ -15,6 +15,8 @@
 #include <arpa/inet.h>
 #include <errno.h>
 
+#include <rte_string_fns.h>
+
 #include "conn.h"
 
 #define MSG_CMD_TOO_LONG "Command too long."
@@ -116,8 +118,8 @@ conn_init(struct conn_params *p)
 	}
 
 	/* Fill in */
-	strncpy(conn->welcome, p->welcome, CONN_WELCOME_LEN_MAX);
-	strncpy(conn->prompt, p->prompt, CONN_PROMPT_LEN_MAX);
+	strlcpy(conn->welcome, p->welcome, CONN_WELCOME_LEN_MAX + 1);
+	strlcpy(conn->prompt, p->prompt, CONN_PROMPT_LEN_MAX + 1);
 	conn->buf_size = p->buf_size;
 	conn->msg_in_len_max = p->msg_in_len_max;
 	conn->msg_out_len_max = p->msg_out_len_max;
diff --git a/examples/vm_power_manager/channel_manager.c b/examples/vm_power_manager/channel_manager.c
index b69449c61d..339c7fbb93 100644
--- a/examples/vm_power_manager/channel_manager.c
+++ b/examples/vm_power_manager/channel_manager.c
@@ -875,8 +875,7 @@ add_vm(const char *vm_name)
 		rte_free(new_domain);
 		return -1;
 	}
-	strncpy(new_domain->name, vm_name, sizeof(new_domain->name));
-	new_domain->name[sizeof(new_domain->name) - 1] = '\0';
+	strlcpy(new_domain->name, vm_name, sizeof(new_domain->name));
 	memset(new_domain->channel_mask, 0, RTE_MAX_LCORE);
 	new_domain->num_channels = 0;
 
-- 
2.53.0