[dpdk-dev,v5,14/16] app/proc-info: sprintf overrun bug
Checks
Commit Message
/home/agreen/projects/dpdk/app/proc-info/main.c: In function
‘nic_xstats_display’:
/home/agreen/projects/dpdk/app/proc-info/main.c:495:45:
error: ‘%s’ directive writing up to 255 bytes into a region
of size between 165 and 232 [-Werror=format-overflow=]
sprintf(buf, "PUTVAL %s/dpdkstat-port.%u/%s-%s N:%"
^~
PRIu64"\n", host_id, port_id, counter_type,
~~~~~~~~~~~~
/home/agreen/projects/dpdk/app/proc-info/main.c:495:4: note:
‘sprintf’ output between 31 and 435 bytes into a destination
of size 256
sprintf(buf, "PUTVAL %s/dpdkstat-port.%u/%s-%s N:%"
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
PRIu64"\n", host_id, port_id, counter_type,
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
xstats_names[i].name, values[i]);
Signed-off-by: Andy Green <andy@warmcat.com>
Fixes: 2deb6b5246d7 ("app/procinfo: add collectd format and host id")
Cc: stable@dpdk.org
---
app/proc-info/main.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
@@ -488,14 +488,18 @@ nic_xstats_display(uint16_t port_id)
if (enable_collectd_format) {
char counter_type[MAX_STRING_LEN];
char buf[MAX_STRING_LEN];
+ size_t n;
collectd_resolve_cnt_type(counter_type,
sizeof(counter_type),
xstats_names[i].name);
- sprintf(buf, "PUTVAL %s/dpdkstat-port.%u/%s-%s N:%"
+ n = snprintf(buf, MAX_STRING_LEN,
+ "PUTVAL %s/dpdkstat-port.%u/%s-%s N:%"
PRIu64"\n", host_id, port_id, counter_type,
xstats_names[i].name, values[i]);
- ret = write(stdout_fd, buf, strlen(buf));
+ if (n > sizeof(buf) - 1)
+ n = sizeof(buf) - 1;
+ ret = write(stdout_fd, buf, n);
if (ret < 0)
goto err;
} else {