diff mbox

[dpdk-dev] vhost: fix buffer not null terminated

Message ID 1462896678-40929-1-git-send-email-danielx.t.mrzyglod@intel.com (mailing list archive)
State Accepted, archived
Delegated to: Yuanhan Liu
Headers

Commit Message

Daniel Mrzyglod May 10, 2016, 4:11 p.m. UTC 
  Fix issue reported by Coverity.
Coverity ID 124556

If the buffer is treated as a null terminated string in later operations,
a buffer overflow or over-read may occur.

In vhost_set_ifname: The string buffer may not have a null terminator if
the source string's length is equal to the buffer size

Fixes: 54292e9520e0 ("vhost: support ifname for vhost-user")

Signed-off-by: Daniel Mrzyglod <danielx.t.mrzyglod@intel.com>
---
 lib/librte_vhost/virtio-net.c | 1 +
 1 file changed, 1 insertion(+)

Comments

Yuanhan Liu May 10, 2016, 6:27 p.m. UTC | #1 
On Tue, May 10, 2016 at 06:11:18PM +0200, Daniel Mrzyglod wrote:
> Fix issue reported by Coverity.
> Coverity ID 124556
> 
> If the buffer is treated as a null terminated string in later operations,
> a buffer overflow or over-read may occur.
> 
> In vhost_set_ifname: The string buffer may not have a null terminator if
> the source string's length is equal to the buffer size
> 
> Fixes: 54292e9520e0 ("vhost: support ifname for vhost-user")
> 
> Signed-off-by: Daniel Mrzyglod <danielx.t.mrzyglod@intel.com>

Applied to dpdk-next-virtio.

Thanks.

	--yliu
diff mbox

Patch

diff --git a/lib/librte_vhost/virtio-net.c b/lib/librte_vhost/virtio-net.c
index d870ad9..f4695af 100644
--- a/lib/librte_vhost/virtio-net.c
+++ b/lib/librte_vhost/virtio-net.c
@@ -320,6 +320,7 @@  vhost_set_ifname(struct vhost_device_ctx ctx,
 		sizeof(dev->ifname) : if_len;
 
 	strncpy(dev->ifname, if_name, len);
+	dev->ifname[sizeof(dev->ifname) - 1] = '\0';
 }