[dpdk-dev] example/ip_pipeline: fix copy into fixed size buffer defect
Commit Message
Coverity issue: 107133
Fixes: eb32fe7c5574 ("examples/ip_pipeline: rework initialization parameters")
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Cristian Dumitrescu <cristian.dumitrescu@intel.com>
---
examples/ip_pipeline/init.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
Comments
> -----Original Message-----
> From: dev [mailto:dev-bounces@dpdk.org] On Behalf Of Fan Zhang
> Sent: Friday, December 11, 2015 11:29 AM
> To: dev@dpdk.org
> Subject: [dpdk-dev] [PATCH] example/ip_pipeline: fix copy into fixed size
> buffer defect
>
> Coverity issue: 107133
> Fixes: eb32fe7c5574 ("examples/ip_pipeline: rework initialization
> parameters")
>
> Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
> Acked-by: Cristian Dumitrescu <cristian.dumitrescu@intel.com>
> ---
> examples/ip_pipeline/init.c | 5 ++++-
> 1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/examples/ip_pipeline/init.c b/examples/ip_pipeline/init.c
> index bc6d6d9..5bcb420 100644
> --- a/examples/ip_pipeline/init.c
> +++ b/examples/ip_pipeline/init.c
> @@ -1068,7 +1068,10 @@ static void app_pipeline_params_get(struct
> app_params *app,
> uint32_t i;
> uint32_t mempool_id;
>
> - strcpy(p_out->name, p_in->name);
> + if (sizeof(p_in->name) > PIPELINE_NAME_SIZE)
> + strncpy(p_out->name, p_in->name, PIPELINE_NAME_SIZE);
> + else
> + strcpy(p_out->name, p_in->name);
>
> p_out->socket_id = (int) p_in->socket_id;
>
Hi Fan,
I think there could still be issues here (depending of the size/types of p_out->name and p_in->name). Probably better as something like:
strncpy(p_out->name, p_in->name, PIPELINE_NAME_SIZE);
p_out->name[PIPELINE_NAME_SIZE -1] = '\0';
John.
--
> -----Original Message-----
> From: dev [mailto:dev-bounces@dpdk.org] On Behalf Of Mcnamara, John
> Sent: Friday, December 11, 2015 3:37 PM
> To: Zhang, Roy Fan <roy.fan.zhang@intel.com>; dev@dpdk.org
> Subject: Re: [dpdk-dev] [PATCH] example/ip_pipeline: fix copy into fixed
> size buffer defect
>
> > -----Original Message-----
> > From: dev [mailto:dev-bounces@dpdk.org] On Behalf Of Fan Zhang
> > Sent: Friday, December 11, 2015 11:29 AM
> > To: dev@dpdk.org
> > Subject: [dpdk-dev] [PATCH] example/ip_pipeline: fix copy into fixed
> > size buffer defect
> >
> > Coverity issue: 107133
> > Fixes: eb32fe7c5574 ("examples/ip_pipeline: rework initialization
> > parameters")
> >
> > Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
> > Acked-by: Cristian Dumitrescu <cristian.dumitrescu@intel.com>
> > ---
> > examples/ip_pipeline/init.c | 5 ++++-
> > 1 file changed, 4 insertions(+), 1 deletion(-)
> >
> > diff --git a/examples/ip_pipeline/init.c b/examples/ip_pipeline/init.c
> > index bc6d6d9..5bcb420 100644
> > --- a/examples/ip_pipeline/init.c
> > +++ b/examples/ip_pipeline/init.c
> > @@ -1068,7 +1068,10 @@ static void app_pipeline_params_get(struct
> > app_params *app,
> > uint32_t i;
> > uint32_t mempool_id;
> >
> > - strcpy(p_out->name, p_in->name);
> > + if (sizeof(p_in->name) > PIPELINE_NAME_SIZE)
> > + strncpy(p_out->name, p_in->name, PIPELINE_NAME_SIZE);
> > + else
> > + strcpy(p_out->name, p_in->name);
> >
> > p_out->socket_id = (int) p_in->socket_id;
> >
>
> Hi Fan,
>
> I think there could still be issues here (depending of the size/types of
> p_out->name and p_in->name). Probably better as something like:
>
> strncpy(p_out->name, p_in->name, PIPELINE_NAME_SIZE);
> p_out->name[PIPELINE_NAME_SIZE -1] = '\0';
>
> John.
> --
Use snprintf to avoid having to explicitly null terminate, perhaps?
/Bruce
@@ -1068,7 +1068,10 @@ static void app_pipeline_params_get(struct app_params *app,
uint32_t i;
uint32_t mempool_id;
- strcpy(p_out->name, p_in->name);
+ if (sizeof(p_in->name) > PIPELINE_NAME_SIZE)
+ strncpy(p_out->name, p_in->name, PIPELINE_NAME_SIZE);
+ else
+ strcpy(p_out->name, p_in->name);
p_out->socket_id = (int) p_in->socket_id;