[v2] examples/vm_power_manager: fix string null termination
Commit Message
coverity complains about a null-termination after a read,
so we terminate after exiting the do-while loop. The position
is conditional on whether idx is within the buffer or at the
end of the buffer.
Coverity issue: 337680
Fixes: a63504a90f ("examples/power: add JSON string handling")
CC: stable@dpdk.org
Signed-off-by: David Hunt <david.hunt@intel.com>
---
v2:
* Move null termination outside of do-while.
---
examples/vm_power_manager/channel_monitor.c | 2 ++
1 file changed, 2 insertions(+)
Comments
On 26-Apr-19 12:24 PM, David Hunt wrote:
> coverity complains about a null-termination after a read,
> so we terminate after exiting the do-while loop. The position
> is conditional on whether idx is within the buffer or at the
> end of the buffer.
>
> Coverity issue: 337680
> Fixes: a63504a90f ("examples/power: add JSON string handling")
> CC: stable@dpdk.org
>
> Signed-off-by: David Hunt <david.hunt@intel.com>
>
> ---
> v2:
> * Move null termination outside of do-while.
> ---
> examples/vm_power_manager/channel_monitor.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/examples/vm_power_manager/channel_monitor.c b/examples/vm_power_manager/channel_monitor.c
> index 971e4f2bc..03fdcd15a 100644
> --- a/examples/vm_power_manager/channel_monitor.c
> +++ b/examples/vm_power_manager/channel_monitor.c
> @@ -822,6 +822,8 @@ read_json_packet(struct channel_info *chan_info)
> break;
> } while (indent > 0);
>
> + json_data[idx + (idx < MAX_JSON_STRING_LEN - 1)] = '\0';
> +
I don't think you need this complicated logic here. You start at idx =
0, so even if you receive 0 bytes, you'll terminate buffer at index 0.
You also break when idx reaches (MAX_JSON_STRING_LEN - 1), so it's also
safe to do json_data[idx] after the loop. In all other cases, you still
increment idx before breaking out (e.g. when reaching indent == 0), so
it's also safe to do json_data[idx] in those cases.
> if (indent > 0)
> /*
> * We've broken out of the read loop without getting
>
On Fri, Apr 26, 2019 at 12:56:08PM +0100, Burakov, Anatoly wrote:
> On 26-Apr-19 12:24 PM, David Hunt wrote:
> > coverity complains about a null-termination after a read,
> > so we terminate after exiting the do-while loop. The position
> > is conditional on whether idx is within the buffer or at the
> > end of the buffer.
> >
> > Coverity issue: 337680
> > Fixes: a63504a90f ("examples/power: add JSON string handling")
> > CC: stable@dpdk.org
> >
> > Signed-off-by: David Hunt <david.hunt@intel.com>
> >
> > ---
> > v2:
> > * Move null termination outside of do-while.
> > ---
> > examples/vm_power_manager/channel_monitor.c | 2 ++
> > 1 file changed, 2 insertions(+)
> >
> > diff --git a/examples/vm_power_manager/channel_monitor.c b/examples/vm_power_manager/channel_monitor.c
> > index 971e4f2bc..03fdcd15a 100644
> > --- a/examples/vm_power_manager/channel_monitor.c
> > +++ b/examples/vm_power_manager/channel_monitor.c
> > @@ -822,6 +822,8 @@ read_json_packet(struct channel_info *chan_info)
> > break;
> > } while (indent > 0);
> > + json_data[idx + (idx < MAX_JSON_STRING_LEN - 1)] = '\0';
> > +
>
> I don't think you need this complicated logic here. You start at idx = 0, so
> even if you receive 0 bytes, you'll terminate buffer at index 0. You also
> break when idx reaches (MAX_JSON_STRING_LEN - 1), so it's also safe to do
> json_data[idx] after the loop. In all other cases, you still increment idx
> before breaking out (e.g. when reaching indent == 0), so it's also safe to
> do json_data[idx] in those cases.
>
+1 to that.
An alternative and simpler option might be to memset the whole array to zero
before you start anyway.
/Bruce
On 26-Apr-19 1:31 PM, Bruce Richardson wrote:
> On Fri, Apr 26, 2019 at 12:56:08PM +0100, Burakov, Anatoly wrote:
>> On 26-Apr-19 12:24 PM, David Hunt wrote:
>>> coverity complains about a null-termination after a read,
>>> so we terminate after exiting the do-while loop. The position
>>> is conditional on whether idx is within the buffer or at the
>>> end of the buffer.
>>>
>>> Coverity issue: 337680
>>> Fixes: a63504a90f ("examples/power: add JSON string handling")
>>> CC: stable@dpdk.org
>>>
>>> Signed-off-by: David Hunt <david.hunt@intel.com>
>>>
>>> ---
>>> v2:
>>> * Move null termination outside of do-while.
>>> ---
>>> examples/vm_power_manager/channel_monitor.c | 2 ++
>>> 1 file changed, 2 insertions(+)
>>>
>>> diff --git a/examples/vm_power_manager/channel_monitor.c b/examples/vm_power_manager/channel_monitor.c
>>> index 971e4f2bc..03fdcd15a 100644
>>> --- a/examples/vm_power_manager/channel_monitor.c
>>> +++ b/examples/vm_power_manager/channel_monitor.c
>>> @@ -822,6 +822,8 @@ read_json_packet(struct channel_info *chan_info)
>>> break;
>>> } while (indent > 0);
>>> + json_data[idx + (idx < MAX_JSON_STRING_LEN - 1)] = '\0';
>>> +
>>
>> I don't think you need this complicated logic here. You start at idx = 0, so
>> even if you receive 0 bytes, you'll terminate buffer at index 0. You also
>> break when idx reaches (MAX_JSON_STRING_LEN - 1), so it's also safe to do
>> json_data[idx] after the loop. In all other cases, you still increment idx
>> before breaking out (e.g. when reaching indent == 0), so it's also safe to
>> do json_data[idx] in those cases.
>>
> +1 to that.
>
> An alternative and simpler option might be to memset the whole array to zero
> before you start anyway.
That'll cost us a few extra cycles on a non-performance critical path full
of syscalls, surely we can't have that! :)
>
> /Bruce
>
@@ -822,6 +822,8 @@ read_json_packet(struct channel_info *chan_info)
break;
} while (indent > 0);
+ json_data[idx + (idx < MAX_JSON_STRING_LEN - 1)] = '\0';
+
if (indent > 0)
/*
* We've broken out of the read loop without getting
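Review bot: The index on the added line, `idx + (idx < MAX_JSON_STRING_LEN - 1)`, places the terminator at idx + 1 for every idx below the last slot, so if idx already names the next unwritten byte when the loop exits (the loop body is outside this hunk), json_data[idx] is left unset and ends up inside the string ahead of the '\0'. The expression is also only in bounds while idx never exceeds MAX_JSON_STRING_LEN - 1, which nothing in the hunk states. Suggest a plain `json_data[idx] = '\0';` with a one-line comment recording that invariant, or an explicit clamp of idx before the write.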