eal/trace: fix coverity issues

Message ID 20200427120424.22728-1-skori@marvell.com (mailing list archive)
State Superseded, archived
Delegated to: David Marchand
Headers
Series eal/trace: fix coverity issues |

Checks

Context Check Description
ci/checkpatch success coding style OK
ci/iol-intel-Performance success Performance Testing PASS
ci/iol-nxp-Performance success Performance Testing PASS
ci/travis-robot warning Travis build: failed
ci/iol-testing success Testing PASS
ci/Intel-compilation success Compilation OK
ci/iol-mellanox-Performance success Performance Testing PASS

Commit Message

Sunil Kumar Kori April 27, 2020, 12:04 p.m. UTC
Pointer was being dereferenced without NULL checking.

Coverity issue: 357768

Fixes: 8c8066ea6a7b ("trace: add trace mode configuration parameter")

Signed-off-by: Sunil Kumar Kori <skori@marvell.com>
---
 lib/librte_eal/common/eal_common_trace_utils.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
  

Comments

David Marchand April 27, 2020, 12:26 p.m. UTC | #1
On Mon, Apr 27, 2020 at 2:04 PM Sunil Kumar Kori <skori@marvell.com> wrote:
>
> Pointer was being dereferenced without NULL checking.
>
> Coverity issue: 357768
>
> Fixes: 8c8066ea6a7b ("trace: add trace mode configuration parameter")
>
> Signed-off-by: Sunil Kumar Kori <skori@marvell.com>
> ---
>  lib/librte_eal/common/eal_common_trace_utils.c | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/lib/librte_eal/common/eal_common_trace_utils.c b/lib/librte_eal/common/eal_common_trace_utils.c
> index fce8892c3..119e97119 100644
> --- a/lib/librte_eal/common/eal_common_trace_utils.c
> +++ b/lib/librte_eal/common/eal_common_trace_utils.c
> @@ -227,15 +227,16 @@ int
>  eal_trace_mode_args_save(const char *optarg)
>  {
>         struct trace *trace = trace_obj_get();
> -       size_t len = strlen(optarg);
>         unsigned long tmp;
>         char *pattern;
> +       size_t len;
>
>         if (optarg == NULL) {
>                 trace_err("no optarg is passed");
>                 return -EINVAL;
>         }
>
> +       len = strlen(optarg);
>         if (len == 0) {
>                 trace_err("value is not provided with option");
>                 return -EINVAL;

I was looking at some gcc 10 complaints on string manipulation later
in eal_trace_dir_args_save().

https://build.opensuse.org/package/live_build_log/home:dmarchan:branches:home:bluca:dpdk/dpdk/Fedora_Rawhide/x86_64

[  126s]   CC rte_malloc.o
[  127s] /home/abuild/rpmbuild/BUILD/dpdk-1587835122.b13ace300/lib/librte_eal/common/eal_common_trace_utils.c:
In function 'eal_trace_dir_args_save':
[  127s] /home/abuild/rpmbuild/BUILD/dpdk-1587835122.b13ace300/lib/librte_eal/common/eal_common_trace_utils.c:290:24:
error: 'sprintf' may write a terminating nul past the end of the
destination [-Werror=format-overflow=]
[  127s]   290 |  sprintf(dir_path, "%s/", optarg);
[  127s]       |                        ^
[  127s] /home/abuild/rpmbuild/BUILD/dpdk-1587835122.b13ace300/lib/librte_eal/common/eal_common_trace_utils.c:290:2:
note: 'sprintf' output between 2 and 4097 bytes into a destination of
size 4096
[  127s]   290 |  sprintf(dir_path, "%s/", optarg);
[  127s]       |  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[  127s] cc1: all warnings being treated as errors


Could we use asprintf in all this code and avoid malloc + sprintf ?


Something like the _untested_ snippet?

diff --git a/lib/librte_eal/common/eal_common_trace_utils.c
b/lib/librte_eal/common/eal_common_trace_utils.c
index fce8892c38..4769bade97 100644
--- a/lib/librte_eal/common/eal_common_trace_utils.c
+++ b/lib/librte_eal/common/eal_common_trace_utils.c
@@ -267,8 +267,7 @@ int
 eal_trace_dir_args_save(char const *optarg)
 {
        struct trace *trace = trace_obj_get();
-       uint32_t size = sizeof(trace->dir);
-       char *dir_path = NULL;
+       char *dir_path;
        int rc;

        if (optarg == NULL) {
@@ -276,19 +275,18 @@ eal_trace_dir_args_save(char const *optarg)
                return -EINVAL;
        }

-       if (strlen(optarg) >= size) {
-               trace_err("input string is too big");
-               return -ENAMETOOLONG;
-       }
-
-       dir_path = (char *)calloc(1, size);
-       if (dir_path == NULL) {
-               trace_err("fail to allocate memory");
+       rc = asprintf(&dir_path, "%s/", optarg);
+       if (rc == -1) {
+               trace_err("failed to copy directory: %s", strerror(errno));
                return -ENOMEM;
        }

-       sprintf(dir_path, "%s/", optarg);
-       rc = trace_dir_update(dir_path);
+       if ((size_t)rc >= sizeof(trace->dir)) {
+               trace_err("input string is too big");
+               rc = -ENAMETOOLONG;
+       } else {
+               rc = trace_dir_update(dir_path);
+       }

        free(dir_path);
        return rc;
  
Sunil Kumar Kori April 27, 2020, 1:46 p.m. UTC | #2
>-----Original Message-----
>From: David Marchand <david.marchand@redhat.com>
>Sent: Monday, April 27, 2020 5:56 PM
>To: Sunil Kumar Kori <skori@marvell.com>
>Cc: Jerin Jacob Kollanukkaran <jerinj@marvell.com>; dev <dev@dpdk.org>
>Subject: [EXT] Re: [dpdk-dev] [PATCH] eal/trace: fix coverity issues
>
>External Email
>
>----------------------------------------------------------------------
>On Mon, Apr 27, 2020 at 2:04 PM Sunil Kumar Kori <skori@marvell.com>
>wrote:
>>
>> Pointer was being dereferenced without NULL checking.
>>
>> Coverity issue: 357768
>>
>> Fixes: 8c8066ea6a7b ("trace: add trace mode configuration parameter")
>>
>> Signed-off-by: Sunil Kumar Kori <skori@marvell.com>
>> ---
>>  lib/librte_eal/common/eal_common_trace_utils.c | 3 ++-
>>  1 file changed, 2 insertions(+), 1 deletion(-)
>>
>> diff --git a/lib/librte_eal/common/eal_common_trace_utils.c
>> b/lib/librte_eal/common/eal_common_trace_utils.c
>> index fce8892c3..119e97119 100644
>> --- a/lib/librte_eal/common/eal_common_trace_utils.c
>> +++ b/lib/librte_eal/common/eal_common_trace_utils.c
>> @@ -227,15 +227,16 @@ int
>>  eal_trace_mode_args_save(const char *optarg)  {
>>         struct trace *trace = trace_obj_get();
>> -       size_t len = strlen(optarg);
>>         unsigned long tmp;
>>         char *pattern;
>> +       size_t len;
>>
>>         if (optarg == NULL) {
>>                 trace_err("no optarg is passed");
>>                 return -EINVAL;
>>         }
>>
>> +       len = strlen(optarg);
>>         if (len == 0) {
>>                 trace_err("value is not provided with option");
>>                 return -EINVAL;
>
>I was looking at some gcc 10 complaints on string manipulation later
>in eal_trace_dir_args_save().
>
>https://urldefense.proofpoint.com/v2/url?u=https-
>3A__build.opensuse.org_package_live-5Fbuild-5Flog_home-3Admarchan-
>3Abranches-3Ahome-3Abluca-3Adpdk_dpdk_Fedora-5FRawhide_x86-
>5F64&d=DwIFaQ&c=nKjWec2b6R0mOyPaz7xtfQ&r=dXeXaAMkP5COgn1zxHMy
>aF1_d9IIuq6vHQO6NrIPjaE&m=NZ72Sr2OMEYZD7PIY59lshlAxZJJJepF5oxbHv0j
>5Zg&s=yOCA3PfhZojqJv0iVKlzeqM7tYGVv0jjrnVcajUx_qA&e=
>
>[  126s]   CC rte_malloc.o
>[  127s] /home/abuild/rpmbuild/BUILD/dpdk-
>1587835122.b13ace300/lib/librte_eal/common/eal_common_trace_utils.c:
>In function 'eal_trace_dir_args_save':
>[  127s] /home/abuild/rpmbuild/BUILD/dpdk-
>1587835122.b13ace300/lib/librte_eal/common/eal_common_trace_utils.c:29
>0:24:
>error: 'sprintf' may write a terminating nul past the end of the
>destination [-Werror=format-overflow=]
>[  127s]   290 |  sprintf(dir_path, "%s/", optarg);
>[  127s]       |                        ^
>[  127s] /home/abuild/rpmbuild/BUILD/dpdk-
>1587835122.b13ace300/lib/librte_eal/common/eal_common_trace_utils.c:29
>0:2:
>note: 'sprintf' output between 2 and 4097 bytes into a destination of
>size 4096
>[  127s]   290 |  sprintf(dir_path, "%s/", optarg);
>[  127s]       |  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>[  127s] cc1: all warnings being treated as errors
>
>
>Could we use asprintf in all this code and avoid malloc + sprintf ?
>
As I understood from above warnings/errors, real problem is writing beyond destination i.e. dir_path.
If this is the case then it can be simply handled using snprintf(); with correct "size" information.
Suggested code changes are correct. I am just trying to achieve this with lesser code changes. 

Also I think, fix for this should be a separate patch. 
Suggestions please ?

>
>Something like the _untested_ snippet?
>
>diff --git a/lib/librte_eal/common/eal_common_trace_utils.c
>b/lib/librte_eal/common/eal_common_trace_utils.c
>index fce8892c38..4769bade97 100644
>--- a/lib/librte_eal/common/eal_common_trace_utils.c
>+++ b/lib/librte_eal/common/eal_common_trace_utils.c
>@@ -267,8 +267,7 @@ int
> eal_trace_dir_args_save(char const *optarg)
> {
>        struct trace *trace = trace_obj_get();
>-       uint32_t size = sizeof(trace->dir);
>-       char *dir_path = NULL;
>+       char *dir_path;
>        int rc;
>
>        if (optarg == NULL) {
>@@ -276,19 +275,18 @@ eal_trace_dir_args_save(char const *optarg)
>                return -EINVAL;
>        }
>
>-       if (strlen(optarg) >= size) {
>-               trace_err("input string is too big");
>-               return -ENAMETOOLONG;
>-       }
>-
>-       dir_path = (char *)calloc(1, size);
>-       if (dir_path == NULL) {
>-               trace_err("fail to allocate memory");
>+       rc = asprintf(&dir_path, "%s/", optarg);
>+       if (rc == -1) {
>+               trace_err("failed to copy directory: %s", strerror(errno));
>                return -ENOMEM;
>        }
>
>-       sprintf(dir_path, "%s/", optarg);
>-       rc = trace_dir_update(dir_path);
>+       if ((size_t)rc >= sizeof(trace->dir)) {
>+               trace_err("input string is too big");
>+               rc = -ENAMETOOLONG;
>+       } else {
>+               rc = trace_dir_update(dir_path);
>+       }
>
>        free(dir_path);
>        return rc;
>
>
>
>--
>David Marchand
  
David Marchand April 27, 2020, 1:52 p.m. UTC | #3
On Mon, Apr 27, 2020 at 3:46 PM Sunil Kumar Kori <skori@marvell.com> wrote:
>
> >-----Original Message-----
> >From: David Marchand <david.marchand@redhat.com>
> >Sent: Monday, April 27, 2020 5:56 PM
> >To: Sunil Kumar Kori <skori@marvell.com>
> >Cc: Jerin Jacob Kollanukkaran <jerinj@marvell.com>; dev <dev@dpdk.org>
> >Subject: [EXT] Re: [dpdk-dev] [PATCH] eal/trace: fix coverity issues
> >
> >External Email
> >
> >----------------------------------------------------------------------
> >On Mon, Apr 27, 2020 at 2:04 PM Sunil Kumar Kori <skori@marvell.com>
> >wrote:
> >>
> >> Pointer was being dereferenced without NULL checking.
> >>
> >> Coverity issue: 357768
> >>
> >> Fixes: 8c8066ea6a7b ("trace: add trace mode configuration parameter")
> >>
> >> Signed-off-by: Sunil Kumar Kori <skori@marvell.com>
> >> ---
> >>  lib/librte_eal/common/eal_common_trace_utils.c | 3 ++-
> >>  1 file changed, 2 insertions(+), 1 deletion(-)
> >>
> >> diff --git a/lib/librte_eal/common/eal_common_trace_utils.c
> >> b/lib/librte_eal/common/eal_common_trace_utils.c
> >> index fce8892c3..119e97119 100644
> >> --- a/lib/librte_eal/common/eal_common_trace_utils.c
> >> +++ b/lib/librte_eal/common/eal_common_trace_utils.c
> >> @@ -227,15 +227,16 @@ int
> >>  eal_trace_mode_args_save(const char *optarg)  {
> >>         struct trace *trace = trace_obj_get();
> >> -       size_t len = strlen(optarg);
> >>         unsigned long tmp;
> >>         char *pattern;
> >> +       size_t len;
> >>
> >>         if (optarg == NULL) {
> >>                 trace_err("no optarg is passed");
> >>                 return -EINVAL;
> >>         }
> >>
> >> +       len = strlen(optarg);
> >>         if (len == 0) {
> >>                 trace_err("value is not provided with option");
> >>                 return -EINVAL;
> >
> >I was looking at some gcc 10 complaints on string manipulation later
> >in eal_trace_dir_args_save().
> >
> >https://urldefense.proofpoint.com/v2/url?u=https-
> >3A__build.opensuse.org_package_live-5Fbuild-5Flog_home-3Admarchan-
> >3Abranches-3Ahome-3Abluca-3Adpdk_dpdk_Fedora-5FRawhide_x86-
> >5F64&d=DwIFaQ&c=nKjWec2b6R0mOyPaz7xtfQ&r=dXeXaAMkP5COgn1zxHMy
> >aF1_d9IIuq6vHQO6NrIPjaE&m=NZ72Sr2OMEYZD7PIY59lshlAxZJJJepF5oxbHv0j
> >5Zg&s=yOCA3PfhZojqJv0iVKlzeqM7tYGVv0jjrnVcajUx_qA&e=
> >
> >[  126s]   CC rte_malloc.o
> >[  127s] /home/abuild/rpmbuild/BUILD/dpdk-
> >1587835122.b13ace300/lib/librte_eal/common/eal_common_trace_utils.c:
> >In function 'eal_trace_dir_args_save':
> >[  127s] /home/abuild/rpmbuild/BUILD/dpdk-
> >1587835122.b13ace300/lib/librte_eal/common/eal_common_trace_utils.c:29
> >0:24:
> >error: 'sprintf' may write a terminating nul past the end of the
> >destination [-Werror=format-overflow=]
> >[  127s]   290 |  sprintf(dir_path, "%s/", optarg);
> >[  127s]       |                        ^
> >[  127s] /home/abuild/rpmbuild/BUILD/dpdk-
> >1587835122.b13ace300/lib/librte_eal/common/eal_common_trace_utils.c:29
> >0:2:
> >note: 'sprintf' output between 2 and 4097 bytes into a destination of
> >size 4096
> >[  127s]   290 |  sprintf(dir_path, "%s/", optarg);
> >[  127s]       |  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> >[  127s] cc1: all warnings being treated as errors
> >
> >
> >Could we use asprintf in all this code and avoid malloc + sprintf ?
> >
> As I understood from above warnings/errors, real problem is writing beyond destination i.e. dir_path.
> If this is the case then it can be simply handled using snprintf(); with correct "size" information.
> Suggested code changes are correct. I am just trying to achieve this with lesser code changes.
>
> Also I think, fix for this should be a separate patch.
> Suggestions please ?

If the code was not combining this malloc + sprintf + wrong checks
(caught by coverity), we would avoid both issues and it would be more
consistent.
No more suggestion from me.
  
Sunil Kumar Kori April 27, 2020, 2 p.m. UTC | #4
>-----Original Message-----
>From: David Marchand <david.marchand@redhat.com>
>Sent: Monday, April 27, 2020 7:22 PM
>To: Sunil Kumar Kori <skori@marvell.com>
>Cc: Jerin Jacob Kollanukkaran <jerinj@marvell.com>; dev <dev@dpdk.org>
>Subject: Re: [EXT] Re: [dpdk-dev] [PATCH] eal/trace: fix coverity issues
>
>On Mon, Apr 27, 2020 at 3:46 PM Sunil Kumar Kori <skori@marvell.com>
>wrote:
>>
>> >-----Original Message-----
>> >From: David Marchand <david.marchand@redhat.com>
>> >Sent: Monday, April 27, 2020 5:56 PM
>> >To: Sunil Kumar Kori <skori@marvell.com>
>> >Cc: Jerin Jacob Kollanukkaran <jerinj@marvell.com>; dev
>> ><dev@dpdk.org>
>> >Subject: [EXT] Re: [dpdk-dev] [PATCH] eal/trace: fix coverity issues
>> >
>> >External Email
>> >
>> >---------------------------------------------------------------------
>> >- On Mon, Apr 27, 2020 at 2:04 PM Sunil Kumar Kori
>> ><skori@marvell.com>
>> >wrote:
>> >>
>> >> Pointer was being dereferenced without NULL checking.
>> >>
>> >> Coverity issue: 357768
>> >>
>> >> Fixes: 8c8066ea6a7b ("trace: add trace mode configuration
>> >> parameter")
>> >>
>> >> Signed-off-by: Sunil Kumar Kori <skori@marvell.com>
>> >> ---
>> >>  lib/librte_eal/common/eal_common_trace_utils.c | 3 ++-
>> >>  1 file changed, 2 insertions(+), 1 deletion(-)
>> >>
>> >> diff --git a/lib/librte_eal/common/eal_common_trace_utils.c
>> >> b/lib/librte_eal/common/eal_common_trace_utils.c
>> >> index fce8892c3..119e97119 100644
>> >> --- a/lib/librte_eal/common/eal_common_trace_utils.c
>> >> +++ b/lib/librte_eal/common/eal_common_trace_utils.c
>> >> @@ -227,15 +227,16 @@ int
>> >>  eal_trace_mode_args_save(const char *optarg)  {
>> >>         struct trace *trace = trace_obj_get();
>> >> -       size_t len = strlen(optarg);
>> >>         unsigned long tmp;
>> >>         char *pattern;
>> >> +       size_t len;
>> >>
>> >>         if (optarg == NULL) {
>> >>                 trace_err("no optarg is passed");
>> >>                 return -EINVAL;
>> >>         }
>> >>
>> >> +       len = strlen(optarg);
>> >>         if (len == 0) {
>> >>                 trace_err("value is not provided with option");
>> >>                 return -EINVAL;
>> >
>> >I was looking at some gcc 10 complaints on string manipulation later
>> >in eal_trace_dir_args_save().
>> >
>> >https://urldefense.proofpoint.com/v2/url?u=https-
>> >3A__build.opensuse.org_package_live-5Fbuild-5Flog_home-3Admarchan-
>> >3Abranches-3Ahome-3Abluca-3Adpdk_dpdk_Fedora-5FRawhide_x86-
>>
>>5F64&d=DwIFaQ&c=nKjWec2b6R0mOyPaz7xtfQ&r=dXeXaAMkP5COgn1zxHM
>y
>>
>>aF1_d9IIuq6vHQO6NrIPjaE&m=NZ72Sr2OMEYZD7PIY59lshlAxZJJJepF5oxbHv0
>j
>> >5Zg&s=yOCA3PfhZojqJv0iVKlzeqM7tYGVv0jjrnVcajUx_qA&e=
>> >
>> >[  126s]   CC rte_malloc.o
>> >[  127s] /home/abuild/rpmbuild/BUILD/dpdk-
>> >1587835122.b13ace300/lib/librte_eal/common/eal_common_trace_utils.c:
>> >In function 'eal_trace_dir_args_save':
>> >[  127s] /home/abuild/rpmbuild/BUILD/dpdk-
>>
>>1587835122.b13ace300/lib/librte_eal/common/eal_common_trace_utils.c:2
>> >9
>> >0:24:
>> >error: 'sprintf' may write a terminating nul past the end of the
>> >destination [-Werror=format-overflow=]
>> >[  127s]   290 |  sprintf(dir_path, "%s/", optarg);
>> >[  127s]       |                        ^
>> >[  127s] /home/abuild/rpmbuild/BUILD/dpdk-
>>
>>1587835122.b13ace300/lib/librte_eal/common/eal_common_trace_utils.c:2
>> >9
>> >0:2:
>> >note: 'sprintf' output between 2 and 4097 bytes into a destination of
>> >size 4096
>> >[  127s]   290 |  sprintf(dir_path, "%s/", optarg);
>> >[  127s]       |  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>> >[  127s] cc1: all warnings being treated as errors
>> >
>> >
>> >Could we use asprintf in all this code and avoid malloc + sprintf ?
>> >
>> As I understood from above warnings/errors, real problem is writing beyond
>destination i.e. dir_path.
>> If this is the case then it can be simply handled using snprintf(); with correct
>"size" information.
>> Suggested code changes are correct. I am just trying to achieve this with
>lesser code changes.
>>
>> Also I think, fix for this should be a separate patch.
>> Suggestions please ?
>
>If the code was not combining this malloc + sprintf + wrong checks (caught by
>coverity), we would avoid both issues and it would be more consistent.
>No more suggestion from me.
Agreed but It must be a separate patch because there could be other warnings too
thrown by GCC 10.x which may require handling. 
 
>
>
>--
>David Marchand
  
Sunil Kumar Kori April 30, 2020, 1:59 p.m. UTC | #5
Hello David,

Mentioned patch (http://patches.dpdk.org/patch/69467/ ) takes care of your input to resolve GCC 10 build.
Now I think, this patch is good to go. Please take care of this.  

Regards
Sunil Kumar Kori

>-----Original Message-----
>From: David Marchand <david.marchand@redhat.com>
>Sent: Monday, April 27, 2020 7:22 PM
>To: Sunil Kumar Kori <skori@marvell.com>
>Cc: Jerin Jacob Kollanukkaran <jerinj@marvell.com>; dev <dev@dpdk.org>
>Subject: Re: [EXT] Re: [dpdk-dev] [PATCH] eal/trace: fix coverity issues
>
>On Mon, Apr 27, 2020 at 3:46 PM Sunil Kumar Kori <skori@marvell.com>
>wrote:
>>
>> >-----Original Message-----
>> >From: David Marchand <david.marchand@redhat.com>
>> >Sent: Monday, April 27, 2020 5:56 PM
>> >To: Sunil Kumar Kori <skori@marvell.com>
>> >Cc: Jerin Jacob Kollanukkaran <jerinj@marvell.com>; dev
>> ><dev@dpdk.org>
>> >Subject: [EXT] Re: [dpdk-dev] [PATCH] eal/trace: fix coverity issues
>> >
>> >External Email
>> >
>> >---------------------------------------------------------------------
>> >- On Mon, Apr 27, 2020 at 2:04 PM Sunil Kumar Kori
>> ><skori@marvell.com>
>> >wrote:
>> >>
>> >> Pointer was being dereferenced without NULL checking.
>> >>
>> >> Coverity issue: 357768
>> >>
>> >> Fixes: 8c8066ea6a7b ("trace: add trace mode configuration
>> >> parameter")
>> >>
>> >> Signed-off-by: Sunil Kumar Kori <skori@marvell.com>
>> >> ---
>> >>  lib/librte_eal/common/eal_common_trace_utils.c | 3 ++-
>> >>  1 file changed, 2 insertions(+), 1 deletion(-)
>> >>
>> >> diff --git a/lib/librte_eal/common/eal_common_trace_utils.c
>> >> b/lib/librte_eal/common/eal_common_trace_utils.c
>> >> index fce8892c3..119e97119 100644
>> >> --- a/lib/librte_eal/common/eal_common_trace_utils.c
>> >> +++ b/lib/librte_eal/common/eal_common_trace_utils.c
>> >> @@ -227,15 +227,16 @@ int
>> >>  eal_trace_mode_args_save(const char *optarg)  {
>> >>         struct trace *trace = trace_obj_get();
>> >> -       size_t len = strlen(optarg);
>> >>         unsigned long tmp;
>> >>         char *pattern;
>> >> +       size_t len;
>> >>
>> >>         if (optarg == NULL) {
>> >>                 trace_err("no optarg is passed");
>> >>                 return -EINVAL;
>> >>         }
>> >>
>> >> +       len = strlen(optarg);
>> >>         if (len == 0) {
>> >>                 trace_err("value is not provided with option");
>> >>                 return -EINVAL;
>> >
>> >I was looking at some gcc 10 complaints on string manipulation later
>> >in eal_trace_dir_args_save().
>> >
>> >https://urldefense.proofpoint.com/v2/url?u=https-
>> >3A__build.opensuse.org_package_live-5Fbuild-5Flog_home-3Admarchan-
>> >3Abranches-3Ahome-3Abluca-3Adpdk_dpdk_Fedora-5FRawhide_x86-
>>
>>5F64&d=DwIFaQ&c=nKjWec2b6R0mOyPaz7xtfQ&r=dXeXaAMkP5COgn1zxHM
>y
>>
>>aF1_d9IIuq6vHQO6NrIPjaE&m=NZ72Sr2OMEYZD7PIY59lshlAxZJJJepF5oxbHv0
>j
>> >5Zg&s=yOCA3PfhZojqJv0iVKlzeqM7tYGVv0jjrnVcajUx_qA&e=
>> >
>> >[  126s]   CC rte_malloc.o
>> >[  127s] /home/abuild/rpmbuild/BUILD/dpdk-
>> >1587835122.b13ace300/lib/librte_eal/common/eal_common_trace_utils.c:
>> >In function 'eal_trace_dir_args_save':
>> >[  127s] /home/abuild/rpmbuild/BUILD/dpdk-
>>
>>1587835122.b13ace300/lib/librte_eal/common/eal_common_trace_utils.c:2
>> >9
>> >0:24:
>> >error: 'sprintf' may write a terminating nul past the end of the
>> >destination [-Werror=format-overflow=]
>> >[  127s]   290 |  sprintf(dir_path, "%s/", optarg);
>> >[  127s]       |                        ^
>> >[  127s] /home/abuild/rpmbuild/BUILD/dpdk-
>>
>>1587835122.b13ace300/lib/librte_eal/common/eal_common_trace_utils.c:2
>> >9
>> >0:2:
>> >note: 'sprintf' output between 2 and 4097 bytes into a destination of
>> >size 4096
>> >[  127s]   290 |  sprintf(dir_path, "%s/", optarg);
>> >[  127s]       |  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>> >[  127s] cc1: all warnings being treated as errors
>> >
>> >
>> >Could we use asprintf in all this code and avoid malloc + sprintf ?
>> >
>> As I understood from above warnings/errors, real problem is writing beyond
>destination i.e. dir_path.
>> If this is the case then it can be simply handled using snprintf(); with correct
>"size" information.
>> Suggested code changes are correct. I am just trying to achieve this with
>lesser code changes.
>>
>> Also I think, fix for this should be a separate patch.
>> Suggestions please ?
>
>If the code was not combining this malloc + sprintf + wrong checks (caught by
>coverity), we would avoid both issues and it would be more consistent.
>No more suggestion from me.
>
>
>--
>David Marchand
  

Patch

diff --git a/lib/librte_eal/common/eal_common_trace_utils.c b/lib/librte_eal/common/eal_common_trace_utils.c
index fce8892c3..119e97119 100644
--- a/lib/librte_eal/common/eal_common_trace_utils.c
+++ b/lib/librte_eal/common/eal_common_trace_utils.c
@@ -227,15 +227,16 @@  int
 eal_trace_mode_args_save(const char *optarg)
 {
 	struct trace *trace = trace_obj_get();
-	size_t len = strlen(optarg);
 	unsigned long tmp;
 	char *pattern;
+	size_t len;
 
 	if (optarg == NULL) {
 		trace_err("no optarg is passed");
 		return -EINVAL;
 	}
 
+	len = strlen(optarg);
 	if (len == 0) {
 		trace_err("value is not provided with option");
 		return -EINVAL;