[dpdk-stable] [PATCH v2] examples/vhost_scsi: fix buffer not terminated

Jacek Piasecki jacekx.piasecki at intel.com
Thu Oct 12 08:44:55 CEST 2017


Use snprintf instead strncpy to get safe null string termination.
There was possible to get not terminated string after strncpy operation.

Coverity issue: 158631
Fixes: db75c7af19bb ("examples/vhost_scsi: introduce a new sample app")
Cc: changpeng.liu at intel.com
Cc: stable at dpdk.org

Signed-off-by: Jacek Piasecki <jacekx.piasecki at intel.com>
---
v2:
* use snprintf instead strncpy

 examples/vhost_scsi/scsi.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/examples/vhost_scsi/scsi.c b/examples/vhost_scsi/scsi.c
index 54d3104..c0f3187 100644
--- a/examples/vhost_scsi/scsi.c
+++ b/examples/vhost_scsi/scsi.c
@@ -307,7 +307,8 @@
 		strncpy((char *)inqdata->t10_vendor_id, "INTEL", 8);
 
 		/* PRODUCT IDENTIFICATION */
-		strncpy((char *)inqdata->product_id, bdev->product_name, 16);
+		snprintf((char *)inqdata->product_id,
+				ARRAY_SIZE(inqdata->product_id), "%s", bdev->product_name);
 
 		/* PRODUCT REVISION LEVEL */
 		strncpy((char *)inqdata->product_rev, "0001", 4);
-- 
1.9.1



More information about the stable mailing list