[dpdk-stable] patch 'app/test: fix sprintf with strlcat' has been queued to LTS release 17.11.7
Yongseok Koh
yskoh at mellanox.com
Tue Jul 23 03:00:28 CEST 2019
Hi,
FYI, your patch has been queued to LTS release 17.11.7
Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objection by 07/27/19. So please
shout if anyone has objection.
Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.
Thanks.
Yongseok
---
>From 97017119f78b24ddbedaebdd3aa7ed05e4e92ab3 Mon Sep 17 00:00:00 2001
From: Pallantla Poornima <pallantlax.poornima at intel.com>
Date: Wed, 13 Mar 2019 11:07:23 +0000
Subject: [PATCH] app/test: fix sprintf with strlcat
[ upstream commit 323643727f4c5653d9a1ddc552d95bae2b2c2e5c ]
sprintf function is not secure as it doesn't check the length of string.
More secure function strlcat is used.
Fixes: 727909c592 ("app/test: introduce dynamic commands list")
Signed-off-by: Pallantla Poornima <pallantlax.poornima at intel.com>
Reviewed-by: Aaron Conole <aconole at redhat.com>
---
test/test/commands.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/test/test/commands.c b/test/test/commands.c
index 4097a3310a..0396f40007 100644
--- a/test/test/commands.c
+++ b/test/test/commands.c
@@ -72,6 +72,7 @@
#include <cmdline_parse_num.h>
#include <cmdline_parse_string.h>
#include <cmdline.h>
+#include <rte_string_fns.h>
#include "test.h"
@@ -380,23 +381,22 @@ cmdline_parse_ctx_t main_ctx[] = {
int commands_init(void)
{
struct test_command *t;
- char *commands, *ptr;
+ char *commands;
int commands_len = 0;
TAILQ_FOREACH(t, &commands_list, next) {
commands_len += strlen(t->command) + 1;
}
- commands = malloc(commands_len + 1);
+ commands = (char *)calloc(commands_len, sizeof(char));
if (!commands)
return -1;
- ptr = commands;
TAILQ_FOREACH(t, &commands_list, next) {
- ptr += sprintf(ptr, "%s#", t->command);
+ strlcat(commands, t->command, commands_len);
+ if (TAILQ_NEXT(t, next) != NULL)
+ strlcat(commands, "#", commands_len);
}
- ptr--;
- ptr[0] = '\0';
cmd_autotest_autotest.string_data.str = commands;
return 0;
--
2.21.0
---
Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- - 2019-07-22 17:55:09.771181352 -0700
+++ 0061-app-test-fix-sprintf-with-strlcat.patch 2019-07-22 17:55:06.184476000 -0700
@@ -1,25 +1,26 @@
-From 323643727f4c5653d9a1ddc552d95bae2b2c2e5c Mon Sep 17 00:00:00 2001
+From 97017119f78b24ddbedaebdd3aa7ed05e4e92ab3 Mon Sep 17 00:00:00 2001
From: Pallantla Poornima <pallantlax.poornima at intel.com>
Date: Wed, 13 Mar 2019 11:07:23 +0000
Subject: [PATCH] app/test: fix sprintf with strlcat
+[ upstream commit 323643727f4c5653d9a1ddc552d95bae2b2c2e5c ]
+
sprintf function is not secure as it doesn't check the length of string.
More secure function strlcat is used.
Fixes: 727909c592 ("app/test: introduce dynamic commands list")
-Cc: stable at dpdk.org
Signed-off-by: Pallantla Poornima <pallantlax.poornima at intel.com>
Reviewed-by: Aaron Conole <aconole at redhat.com>
---
- app/test/commands.c | 12 ++++++------
+ test/test/commands.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
-diff --git a/app/test/commands.c b/app/test/commands.c
-index 94fbc310ed..8d5a03a954 100644
---- a/app/test/commands.c
-+++ b/app/test/commands.c
-@@ -44,6 +44,7 @@
+diff --git a/test/test/commands.c b/test/test/commands.c
+index 4097a3310a..0396f40007 100644
+--- a/test/test/commands.c
++++ b/test/test/commands.c
+@@ -72,6 +72,7 @@
#include <cmdline_parse_num.h>
#include <cmdline_parse_string.h>
#include <cmdline.h>
@@ -27,7 +28,7 @@
#include "test.h"
-@@ -365,23 +366,22 @@ cmdline_parse_ctx_t main_ctx[] = {
+@@ -380,23 +381,22 @@ cmdline_parse_ctx_t main_ctx[] = {
int commands_init(void)
{
struct test_command *t;
More information about the stable
mailing list