[v8] drivers/net: fix possible overflow using strlcat

  strcat does not check the destination length and there might be
chances of string overflow so instead of strcat, strlcat is used.

Fixes: 540a211084 ("bnx2x: driver core")
Fixes: e163c18a15 ("net/i40e: update ptype and pctype info")
Cc: stable@dpdk.org

Signed-off-by: Chaitanya Babu Talluri <tallurix.chaitanya.babu@intel.com>
---
v8: Added missing semi-colon.
v7: Corrected title.
v6: Updated title.
v5: Removed strcat.
v4: Corrected usage of strlcat.
v3: Instead of strncat, used strlcat.
v2: Instead of strncat, used snprintf.
---
 drivers/net/bnx2x/bnx2x.c      | 5 +++--
 drivers/net/i40e/i40e_ethdev.c | 4 ++--
 2 files changed, 5 insertions(+), 4 deletions(-)
  

> -----Original Message-----
> From: Chaitanya Babu Talluri <tallurix.chaitanya.babu@intel.com>
> Sent: Friday, March 22, 2019 1:22 PM
> To: dev@dpdk.org
> Cc: reshma.pattan@intel.com; jananeex.m.parthasarathy@intel.com; Rasesh
> Mody <rmody@marvell.com>; Shahed Shaikh <shshaikh@marvell.com>;
> beilei.xing@intel.com; qi.z.zhang@intel.com; Chaitanya Babu Talluri
> <tallurix.chaitanya.babu@intel.com>; stable@dpdk.org
> Subject: [EXT] [PATCH v8] drivers/net: fix possible overflow using strlcat
> 
> strcat does not check the destination length and there might be chances of
> string overflow so instead of strcat, strlcat is used.
> 
> Fixes: 540a211084 ("bnx2x: driver core")
> Fixes: e163c18a15 ("net/i40e: update ptype and pctype info")
> Cc: stable@dpdk.org
> 
> Signed-off-by: Chaitanya Babu Talluri <tallurix.chaitanya.babu@intel.com>
> ---
> v8: Added missing semi-colon.
> v7: Corrected title.
> v6: Updated title.
> v5: Removed strcat.
> v4: Corrected usage of strlcat.
> v3: Instead of strncat, used strlcat.
> v2: Instead of strncat, used snprintf.
> ---
>  drivers/net/bnx2x/bnx2x.c      | 5 +++--
>  drivers/net/i40e/i40e_ethdev.c | 4 ++--
>  2 files changed, 5 insertions(+), 4 deletions(-)
> 
> diff --git a/drivers/net/bnx2x/bnx2x.c b/drivers/net/bnx2x/bnx2x.c index
> 26b3828e8..ab092e23f 100644
> --- a/drivers/net/bnx2x/bnx2x.c
> +++ b/drivers/net/bnx2x/bnx2x.c
> @@ -25,6 +25,7 @@
>  #include <sys/stat.h>
>  #include <fcntl.h>
>  #include <zlib.h>
> +#include <rte_string_fns.h>
> 
>  #define BNX2X_PMD_VER_PREFIX "BNX2X PMD"
>  #define BNX2X_PMD_VERSION_MAJOR 1
> @@ -11741,13 +11742,13 @@ static const char *get_bnx2x_flags(uint32_t
> flags)
> 
>  	for (i = 0; i < 5; i++)
>  		if (flags & (1 << i)) {
> -			strcat(flag_str, flag[i]);
> +			strlcat(flag_str, flag[i], sizeof(flag_str));
>  			flags ^= (1 << i);
>  		}
>  	if (flags) {
>  		static char unknown[BNX2X_INFO_STR_MAX];
>  		snprintf(unknown, 32, "Unknown flag mask %x", flags);
> -		strcat(flag_str, unknown);
> +		strlcat(flag_str, unknown, sizeof(flag_str));
>  	}
>  	return flag_str;
>  }

For bnx2x PMD changes -
Acked-by: Shahed Shaikh <shshaikh@marvell.com>

Thanks,
Shahed
  

On 3/22/2019 8:02 AM, Shahed Shaikh wrote:
>> -----Original Message-----
>> From: Chaitanya Babu Talluri <tallurix.chaitanya.babu@intel.com>
>> Sent: Friday, March 22, 2019 1:22 PM
>> To: dev@dpdk.org
>> Cc: reshma.pattan@intel.com; jananeex.m.parthasarathy@intel.com; Rasesh
>> Mody <rmody@marvell.com>; Shahed Shaikh <shshaikh@marvell.com>;
>> beilei.xing@intel.com; qi.z.zhang@intel.com; Chaitanya Babu Talluri
>> <tallurix.chaitanya.babu@intel.com>; stable@dpdk.org
>> Subject: [EXT] [PATCH v8] drivers/net: fix possible overflow using strlcat
>>
>> strcat does not check the destination length and there might be chances of
>> string overflow so instead of strcat, strlcat is used.
>>
>> Fixes: 540a211084 ("bnx2x: driver core")
>> Fixes: e163c18a15 ("net/i40e: update ptype and pctype info")
>> Cc: stable@dpdk.org
>>
>> Signed-off-by: Chaitanya Babu Talluri <tallurix.chaitanya.babu@intel.com>
> 
> For bnx2x PMD changes -
> Acked-by: Shahed Shaikh <shshaikh@marvell.com>
> 

Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>

Applied to dpdk-next-net/master, thanks.