[v3] app/testbbdev: fix sprintf with snprintf or strlcpy
Checks
Commit Message
sprintf function is not secure as it doesn't check the length of string.
More secure function snprintf and strlcpy is used.
Fixes: f714a18885 ("app/testbbdev: add test application for bbdev")
Cc: stable@dpdk.org
Signed-off-by: Pallantla Poornima <pallantlax.poornima@intel.com>
Acked-by: Amr Mokhtar <amr.mokhtar@intel.com>
---
v3: Added Ack.
v2: Used strlcpy instead of snprintf as suggested.
---
app/test-bbdev/test_bbdev.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
Comments
09/04/2019 15:05, Pallantla Poornima:
> sprintf function is not secure as it doesn't check the length of string.
> More secure function snprintf and strlcpy is used.
>
> Fixes: f714a18885 ("app/testbbdev: add test application for bbdev")
> Cc: stable@dpdk.org
>
> Signed-off-by: Pallantla Poornima <pallantlax.poornima@intel.com>
> Acked-by: Amr Mokhtar <amr.mokhtar@intel.com>
Applied, thanks
@@ -14,6 +14,8 @@
#include <rte_bbdev.h>
#include <rte_bbdev_op.h>
#include <rte_bbdev_pmd.h>
+#include<string.h>
+#include <rte_string_fns.h>
#include "main.h"
@@ -788,14 +790,14 @@ test_bbdev_driver_init(void)
/* Initialize the maximum amount of devices */
do {
- sprintf(name_tmp, "%s%i", "name_", num_devs);
+ snprintf(name_tmp, sizeof(name_tmp), "%s%i", "name_", num_devs);
dev2 = rte_bbdev_allocate(name_tmp);
TEST_ASSERT(dev2 != NULL,
"Failed to initialize bbdev driver");
++num_devs;
} while (num_devs < (RTE_BBDEV_MAX_DEVS - 1));
- sprintf(name_tmp, "%s%i", "name_", num_devs);
+ snprintf(name_tmp, sizeof(name_tmp), "%s%i", "name_", num_devs);
dev2 = rte_bbdev_allocate(name_tmp);
TEST_ASSERT(dev2 == NULL, "Failed to initialize bbdev driver number %d "
"more drivers than RTE_BBDEV_MAX_DEVS: %d ", num_devs,
@@ -804,7 +806,7 @@ test_bbdev_driver_init(void)
num_devs--;
while (num_devs >= num_devs_tmp) {
- sprintf(name_tmp, "%s%i", "name_", num_devs);
+ snprintf(name_tmp, sizeof(name_tmp), "%s%i", "name_", num_devs);
dev2 = rte_bbdev_get_named_dev(name_tmp);
TEST_ASSERT_SUCCESS(rte_bbdev_release(dev2),
"Failed to uninitialize bbdev driver %s ",
@@ -825,7 +827,7 @@ test_bbdev_driver_init(void)
TEST_ASSERT_FAIL(rte_bbdev_release(NULL),
"Failed to uninitialize bbdev driver with NULL bbdev");
- sprintf(name_tmp, "%s", "invalid_name");
+ strlcpy(name_tmp, "invalid_name", sizeof(name_tmp));
dev2 = rte_bbdev_get_named_dev(name_tmp);
TEST_ASSERT_FAIL(rte_bbdev_release(dev2),
"Failed to uninitialize bbdev driver with invalid name");