test/distributor: fix sprintf with snprintf

Message ID 1549449547-32343-1-git-send-email-pallantlax.poornima@intel.com
State Superseded
Delegated to: Thomas Monjalon
Headers show
Series
  • test/distributor: fix sprintf with snprintf
Related show

Checks

Context Check Description
ci/Intel-compilation success Compilation OK
ci/mellanox-Performance-Testing success Performance Testing PASS
ci/intel-Performance-Testing success Performance Testing PASS
ci/checkpatch success coding style OK

Commit Message

Pallantla Poornima Feb. 6, 2019, 10:39 a.m.
sprintf function is not secure as it doesn't check the length of string.
More secure function snprintf is used.

Fixes: f74df2c57e ("test/distributor: test single and burst API")
Cc: stable@dpdk.org

Signed-off-by: Pallantla Poornima <pallantlax.poornima@intel.com>
---
 test/test/test_distributor.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

Comments

Bruce Richardson Feb. 6, 2019, 10:48 a.m. | #1
On Wed, Feb 06, 2019 at 10:39:07AM +0000, Pallantla Poornima wrote:
> sprintf function is not secure as it doesn't check the length of string.
> More secure function snprintf is used.
> 
> Fixes: f74df2c57e ("test/distributor: test single and burst API")
> Cc: stable@dpdk.org
> 
> Signed-off-by: Pallantla Poornima <pallantlax.poornima@intel.com>
> ---
>  test/test/test_distributor.c | 6 ++++--
>  1 file changed, 4 insertions(+), 2 deletions(-)
> 
> diff --git a/test/test/test_distributor.c b/test/test/test_distributor.c
> index 98919ec0c..03df32b05 100644
> --- a/test/test/test_distributor.c
> +++ b/test/test/test_distributor.c
> @@ -642,9 +642,11 @@ test_distributor(void)
>  
>  		worker_params.dist = dist[i];
>  		if (i)
> -			sprintf(worker_params.name, "burst");
> +			snprintf(worker_params.name,
> +					sizeof(worker_params.name), "burst");
>  		else
> -			sprintf(worker_params.name, "single");
> +			snprintf(worker_params.name,
> +					sizeof(worker_params.name), "single");
>  
>  		rte_eal_mp_remote_launch(handle_work,
>  				&worker_params, SKIP_MASTER);
> -- 
While not wrong here, I think changing these to string copies using
"strlcpy" might be better, since this is constant text in each case, and no
printf formatting is actually needed.

/Bruce

Patch

diff --git a/test/test/test_distributor.c b/test/test/test_distributor.c
index 98919ec0c..03df32b05 100644
--- a/test/test/test_distributor.c
+++ b/test/test/test_distributor.c
@@ -642,9 +642,11 @@  test_distributor(void)
 
 		worker_params.dist = dist[i];
 		if (i)
-			sprintf(worker_params.name, "burst");
+			snprintf(worker_params.name,
+					sizeof(worker_params.name), "burst");
 		else
-			sprintf(worker_params.name, "single");
+			snprintf(worker_params.name,
+					sizeof(worker_params.name), "single");
 
 		rte_eal_mp_remote_launch(handle_work,
 				&worker_params, SKIP_MASTER);