diff mbox series

[v2] app/testbbdev: fix sprintf with snprintf or strlcpy

Message ID	1550487010-730-1-git-send-email-pallantlax.poornima@intel.com (mailing list archive)
State	Superseded, archived
Delegated to:	Thomas Monjalon
Headers	From: Pallantla Poornima <pallantlax.poornima@intel.com> To: dev@dpdk.org Cc: reshma.pattan@intel.com, amr.mokhtar@intel.com, ferruh.yigit@intel.com, Pallantla Poornima <pallantlax.poornima@intel.com>, stable@dpdk.org Date: Mon, 18 Feb 2019 10:50:10 +0000 Message-Id: <1550487010-730-1-git-send-email-pallantlax.poornima@intel.com> In-Reply-To: <y> References: <y> Subject: [dpdk-dev] [PATCH v2] app/testbbdev: fix sprintf with snprintf or strlcpy Precedence: list Errors-To: dev-bounces@dpdk.org Sender: "dev" <dev-bounces@dpdk.org>
Series	[v2] app/testbbdev: fix sprintf with snprintf or strlcpy \| [v2] app/testbbdev: fix sprintf with snprintf or strlcpy

Checks

Context	Check	Description
ci/checkpatch	success	coding style OK
ci/intel-Performance-Testing	success	Performance Testing PASS
ci/mellanox-Performance-Testing	success	Performance Testing PASS
ci/Intel-compilation	success	Compilation OK

Commit Message

Poornima, PallantlaX Feb. 18, 2019, 10:50 a.m. UTC

  sprintf function is not secure as it doesn't check the length of string.
More secure function snprintf and strlcpy is used.

Fixes: f714a18885 ("app/testbbdev: add test application for bbdev")
Cc: stable@dpdk.org

Signed-off-by: Pallantla Poornima <pallantlax.poornima@intel.com>
---
v2: Used strlcpy instead of snprintf as suggested.
---
 app/test-bbdev/test_bbdev.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff mbox series

Patch

diff --git a/app/test-bbdev/test_bbdev.c b/app/test-bbdev/test_bbdev.c
index a914817bc..137c74cde 100644
--- a/app/test-bbdev/test_bbdev.c
+++ b/app/test-bbdev/test_bbdev.c
@@ -14,6 +14,8 @@ 
 #include <rte_bbdev.h>
 #include <rte_bbdev_op.h>
 #include <rte_bbdev_pmd.h>
+#include<string.h>
+#include <rte_string_fns.h>
 
 #include "main.h"
 
@@ -788,14 +790,14 @@  test_bbdev_driver_init(void)
 
 	/* Initialize the maximum amount of devices */
 	do {
-		sprintf(name_tmp, "%s%i", "name_", num_devs);
+		snprintf(name_tmp, sizeof(name_tmp), "%s%i", "name_", num_devs);
 		dev2 = rte_bbdev_allocate(name_tmp);
 		TEST_ASSERT(dev2 != NULL,
 				"Failed to initialize bbdev driver");
 		++num_devs;
 	} while (num_devs < (RTE_BBDEV_MAX_DEVS - 1));
 
-	sprintf(name_tmp, "%s%i", "name_", num_devs);
+	snprintf(name_tmp, sizeof(name_tmp), "%s%i", "name_", num_devs);
 	dev2 = rte_bbdev_allocate(name_tmp);
 	TEST_ASSERT(dev2 == NULL, "Failed to initialize bbdev driver number %d "
 			"more drivers than RTE_BBDEV_MAX_DEVS: %d ", num_devs,
@@ -804,7 +806,7 @@  test_bbdev_driver_init(void)
 	num_devs--;
 
 	while (num_devs >= num_devs_tmp) {
-		sprintf(name_tmp, "%s%i", "name_", num_devs);
+		snprintf(name_tmp, sizeof(name_tmp), "%s%i", "name_", num_devs);
 		dev2 = rte_bbdev_get_named_dev(name_tmp);
 		TEST_ASSERT_SUCCESS(rte_bbdev_release(dev2),
 				"Failed to uninitialize bbdev driver %s ",
@@ -825,7 +827,7 @@  test_bbdev_driver_init(void)
 	TEST_ASSERT_FAIL(rte_bbdev_release(NULL),
 			"Failed to uninitialize bbdev driver with NULL bbdev");
 
-	sprintf(name_tmp, "%s", "invalid_name");
+	strlcpy(name_tmp, "invalid_name", sizeof(name_tmp));
 	dev2 = rte_bbdev_get_named_dev(name_tmp);
 	TEST_ASSERT_FAIL(rte_bbdev_release(dev2),
 			"Failed to uninitialize bbdev driver with invalid name");