drivers: fix sprintf with snprintf

Message ID 1546857983-28787-1-git-send-email-pallantlax.poornima@intel.com
State Accepted, archived
Delegated to: Thomas Monjalon
Headers show
Series
  • drivers: fix sprintf with snprintf
Related show

Checks

Context Check Description
ci/Intel-compilation success Compilation OK
ci/intel-Performance-Testing success Performance Testing PASS
ci/mellanox-Performance-Testing success Performance Testing PASS
ci/checkpatch success coding style OK

Commit Message

Pallantla Poornima Jan. 7, 2019, 10:46 a.m.
sprintf function is not secure as it doesn't check the length of string.
More secure function snprintf is used

Fixes: 828d51d8fc ("bus/fslmc: refactor scan and probe functions")
Fixes: c22fab9a6c ("raw/dpaa2_qdma: support configuration APIs")
Fixes: e5cbdfc537 ("crypto/dpaa2_sec: add basic operations")
Fixes: b23d4e898a ("crypto/dpaa2_sec: add per dev mempool to store FLE")
Fixes: 623326dded ("crypto/dpaa2_sec: introduce poll mode driver")
Fixes: e7a45f3cc2 ("crypto/caam_jr: add UIO specific operations")
Fixes: f44bccadd8 ("crypto/caam_jr: add device basic operations")
Fixes: 7e3e2954e0 ("crypto/dpaa_sec: move mempool allocation to config")
Fixes: c3e85bdcc6 ("crypto/dpaa_sec: add crypto driver for NXP DPAA platform")
Cc: stable@dpdk.org

Signed-off-by: Pallantla Poornima <pallantlax.poornima@intel.com>
---
 drivers/bus/fslmc/fslmc_bus.c               |  4 ++--
 drivers/crypto/caam_jr/caam_jr.c            |  2 +-
 drivers/crypto/caam_jr/caam_jr_uio.c        | 13 ++++++-------
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c |  8 +++++---
 drivers/crypto/dpaa_sec/dpaa_sec.c          |  5 +++--
 drivers/raw/dpaa2_qdma/dpaa2_qdma.c         |  2 +-
 6 files changed, 18 insertions(+), 16 deletions(-)

Comments

Akhil Goyal Jan. 9, 2019, 2:47 p.m. | #1
On 1/7/2019 4:16 PM, Pallantla Poornima wrote:
> sprintf function is not secure as it doesn't check the length of string.
> More secure function snprintf is used
>
> Fixes: 828d51d8fc ("bus/fslmc: refactor scan and probe functions")
> Fixes: c22fab9a6c ("raw/dpaa2_qdma: support configuration APIs")
> Fixes: e5cbdfc537 ("crypto/dpaa2_sec: add basic operations")
> Fixes: b23d4e898a ("crypto/dpaa2_sec: add per dev mempool to store FLE")
> Fixes: 623326dded ("crypto/dpaa2_sec: introduce poll mode driver")
> Fixes: e7a45f3cc2 ("crypto/caam_jr: add UIO specific operations")
> Fixes: f44bccadd8 ("crypto/caam_jr: add device basic operations")
> Fixes: 7e3e2954e0 ("crypto/dpaa_sec: move mempool allocation to config")
> Fixes: c3e85bdcc6 ("crypto/dpaa_sec: add crypto driver for NXP DPAA platform")
> Cc: stable@dpdk.org
>
> Signed-off-by: Pallantla Poornima <pallantlax.poornima@intel.com>
> ---
>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Thomas Monjalon Jan. 14, 2019, 10:20 p.m. | #2
09/01/2019 15:47, Akhil Goyal:
> On 1/7/2019 4:16 PM, Pallantla Poornima wrote:
> > sprintf function is not secure as it doesn't check the length of string.
> > More secure function snprintf is used
> >
> > Fixes: 828d51d8fc ("bus/fslmc: refactor scan and probe functions")
> > Fixes: c22fab9a6c ("raw/dpaa2_qdma: support configuration APIs")
> > Fixes: e5cbdfc537 ("crypto/dpaa2_sec: add basic operations")
> > Fixes: b23d4e898a ("crypto/dpaa2_sec: add per dev mempool to store FLE")
> > Fixes: 623326dded ("crypto/dpaa2_sec: introduce poll mode driver")
> > Fixes: e7a45f3cc2 ("crypto/caam_jr: add UIO specific operations")
> > Fixes: f44bccadd8 ("crypto/caam_jr: add device basic operations")
> > Fixes: 7e3e2954e0 ("crypto/dpaa_sec: move mempool allocation to config")
> > Fixes: c3e85bdcc6 ("crypto/dpaa_sec: add crypto driver for NXP DPAA platform")
> > Cc: stable@dpdk.org
> >
> > Signed-off-by: Pallantla Poornima <pallantlax.poornima@intel.com>
> > ---
> >
> Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

Applied, thanks

Patch

diff --git a/drivers/bus/fslmc/fslmc_bus.c b/drivers/bus/fslmc/fslmc_bus.c
index 89af9385a..18e038d05 100644
--- a/drivers/bus/fslmc/fslmc_bus.c
+++ b/drivers/bus/fslmc/fslmc_bus.c
@@ -293,8 +293,8 @@  rte_fslmc_scan(void)
 		goto scan_fail;
 
 	/* Scan devices on the group */
-	sprintf(fslmc_dirpath, "%s/%d/devices", VFIO_IOMMU_GROUP_PATH,
-		groupid);
+	snprintf(fslmc_dirpath, sizeof(fslmc_dirpath), "%s/%d/devices",
+			VFIO_IOMMU_GROUP_PATH, groupid);
 	dir = opendir(fslmc_dirpath);
 	if (!dir) {
 		DPAA2_BUS_ERR("Unable to open VFIO group directory");
diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index f505adf6b..190053ee6 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -2012,7 +2012,7 @@  caam_jr_dev_configure(struct rte_cryptodev *dev,
 	PMD_INIT_FUNC_TRACE();
 
 	internals = dev->data->dev_private;
-	sprintf(str, "ctx_pool_%d", dev->data->dev_id);
+	snprintf(str, sizeof(str), "ctx_pool_%d", dev->data->dev_id);
 	if (!internals->ctx_pool) {
 		internals->ctx_pool = rte_mempool_create((const char *)str,
 						CTX_POOL_NUM_BUFS,
diff --git a/drivers/crypto/caam_jr/caam_jr_uio.c b/drivers/crypto/caam_jr/caam_jr_uio.c
index d94101c2f..bf872a220 100644
--- a/drivers/crypto/caam_jr/caam_jr_uio.c
+++ b/drivers/crypto/caam_jr/caam_jr_uio.c
@@ -284,11 +284,11 @@  uio_map_registers(int uio_device_fd, int uio_device_id,
 	memset(uio_map_size_str, 0, sizeof(uio_map_size_str));
 
 	/* Compose string: /sys/class/uio/uioX */
-	sprintf(uio_sys_root, "%s/%s%d", SEC_UIO_DEVICE_SYS_ATTR_PATH,
-		"uio", uio_device_id);
+	snprintf(uio_sys_root, sizeof(uio_sys_root), "%s/%s%d",
+			SEC_UIO_DEVICE_SYS_ATTR_PATH, "uio", uio_device_id);
 	/* Compose string: maps/mapY */
-	sprintf(uio_sys_map_subdir, "%s%d", SEC_UIO_DEVICE_SYS_MAP_ATTR,
-		uio_map_id);
+	snprintf(uio_sys_map_subdir, sizeof(uio_sys_map_subdir), "%s%d",
+			SEC_UIO_DEVICE_SYS_MAP_ATTR, uio_map_id);
 
 	/* Read first (and only) line from file
 	 * /sys/class/uio/uioX/maps/mapY/size
@@ -389,9 +389,8 @@  uio_job_ring *config_job_ring(void)
 
 	/* Find UIO device created by SEC kernel driver for this job ring. */
 	memset(uio_device_file_name, 0, sizeof(uio_device_file_name));
-
-	sprintf(uio_device_file_name, "%s%d", SEC_UIO_DEVICE_FILE_NAME,
-		job_ring->uio_minor_number);
+	snprintf(uio_device_file_name, sizeof(uio_device_file_name), "%s%d",
+			SEC_UIO_DEVICE_FILE_NAME, job_ring->uio_minor_number);
 
 	/* Open device file */
 	job_ring->uio_fd = open(uio_device_file_name, O_RDWR);
diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index 6095c6021..8f75339ea 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -3372,14 +3372,15 @@  dpaa2_sec_dev_init(struct rte_cryptodev *cryptodev)
 			     retcode);
 		goto init_error;
 	}
-	sprintf(cryptodev->data->name, "dpsec-%u", hw_id);
+	snprintf(cryptodev->data->name, sizeof(cryptodev->data->name),
+			"dpsec-%u", hw_id);
 
 	internals->max_nb_queue_pairs = attr.num_tx_queues;
 	cryptodev->data->nb_queue_pairs = internals->max_nb_queue_pairs;
 	internals->hw = dpseci;
 	internals->token = token;
 
-	sprintf(str, "fle_pool_%d", cryptodev->data->dev_id);
+	snprintf(str, sizeof(str), "fle_pool_%d", cryptodev->data->dev_id);
 	internals->fle_pool = rte_mempool_create((const char *)str,
 			FLE_POOL_NUM_BUFS,
 			FLE_POOL_BUF_SIZE,
@@ -3410,7 +3411,8 @@  cryptodev_dpaa2_sec_probe(struct rte_dpaa2_driver *dpaa2_drv __rte_unused,
 
 	int retval;
 
-	sprintf(cryptodev_name, "dpsec-%d", dpaa2_dev->object_id);
+	snprintf(cryptodev_name, sizeof(cryptodev_name), "dpsec-%d",
+			dpaa2_dev->object_id);
 
 	cryptodev = rte_cryptodev_pmd_allocate(cryptodev_name, rte_socket_id());
 	if (cryptodev == NULL)
diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
index d83e74541..8958fd06a 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
@@ -2185,7 +2185,7 @@  dpaa_sec_dev_configure(struct rte_cryptodev *dev,
 	PMD_INIT_FUNC_TRACE();
 
 	internals = dev->data->dev_private;
-	sprintf(str, "ctx_pool_%d", dev->data->dev_id);
+	snprintf(str, sizeof(str), "ctx_pool_%d", dev->data->dev_id);
 	if (!internals->ctx_pool) {
 		internals->ctx_pool = rte_mempool_create((const char *)str,
 							CTX_POOL_NUM_BUFS,
@@ -2391,7 +2391,8 @@  cryptodev_dpaa_sec_probe(struct rte_dpaa_driver *dpaa_drv __rte_unused,
 
 	int retval;
 
-	sprintf(cryptodev_name, "dpaa_sec-%d", dpaa_dev->id.dev_id);
+	snprintf(cryptodev_name, sizeof(cryptodev_name), "dpaa_sec-%d",
+			dpaa_dev->id.dev_id);
 
 	cryptodev = rte_cryptodev_pmd_allocate(cryptodev_name, rte_socket_id());
 	if (cryptodev == NULL)
diff --git a/drivers/raw/dpaa2_qdma/dpaa2_qdma.c b/drivers/raw/dpaa2_qdma/dpaa2_qdma.c
index f474442d4..60621eb85 100644
--- a/drivers/raw/dpaa2_qdma/dpaa2_qdma.c
+++ b/drivers/raw/dpaa2_qdma/dpaa2_qdma.c
@@ -313,7 +313,7 @@  rte_qdma_vq_create(uint32_t lcore_id, uint32_t flags)
 		qdma_vqs[i].exclusive_hw_queue = 1;
 	} else {
 		/* Allocate a Ring for Virutal Queue in VQ mode */
-		sprintf(ring_name, "status ring %d", i);
+		snprintf(ring_name, sizeof(ring_name), "status ring %d", i);
 		qdma_vqs[i].status_ring = rte_ring_create(ring_name,
 			qdma_dev.fle_pool_count, rte_socket_id(), 0);
 		if (!qdma_vqs[i].status_ring) {