From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga18.intel.com (mga18.intel.com [134.134.136.126]) by dpdk.org (Postfix) with ESMTP id 6ED5827D; Fri, 8 Mar 2019 13:47:01 +0100 (CET) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by orsmga106.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 08 Mar 2019 04:47:00 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.58,455,1544515200"; d="scan'208";a="149814039" Received: from irvmail001.ir.intel.com ([163.33.26.43]) by fmsmga002.fm.intel.com with ESMTP; 08 Mar 2019 04:46:58 -0800 Received: from wgcvswdev001.ir.intel.com (wgcvswdev001.ir.intel.com [10.102.246.100]) by irvmail001.ir.intel.com (8.14.3/8.13.6/MailSET/Hub) with ESMTP id x28CkvxS005267; Fri, 8 Mar 2019 12:46:57 GMT Received: from wgcvswdev001.ir.intel.com (localhost [127.0.0.1]) by wgcvswdev001.ir.intel.com with ESMTP id x28CkJc0005232; Fri, 8 Mar 2019 12:46:19 GMT Received: (from tchaitax@localhost) by wgcvswdev001.ir.intel.com with œ id x28CkJe8005227; Fri, 8 Mar 2019 12:46:19 GMT From: Chaitanya Babu Talluri To: dev@dpdk.org Cc: reshma.pattan@intel.com, jananeex.m.parthasarathy@intel.com, cristian.dumitrescu@intel.com, ferruh.yigit@intel.com, bruce.richardson@intel.com, Chaitanya Babu Talluri , stable@dpdk.org Date: Fri, 8 Mar 2019 12:45:50 +0000 Message-Id: <1552049150-5046-1-git-send-email-tallurix.chaitanya.babu@intel.com> X-Mailer: git-send-email 1.7.0.7 In-Reply-To: <1550136631-32415-1-git-send-email-tallurix.chaitanya.babu@intel.com> References: <1550136631-32415-1-git-send-email-tallurix.chaitanya.babu@intel.com> Subject: [dpdk-dev] [PATCH v2] lib/cfgfile: replace strcat with strlcat X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Mar 2019 12:47:02 -0000 Replace strcat with strlcat to avoid buffer overflow. Fixes: a6a47ac9c2 ("cfgfile: rework load function") Cc: stable@dpdk.org Signed-off-by: Chaitanya Babu Talluri --- v2: Instead of strcat, used strlcat. --- lib/librte_cfgfile/rte_cfgfile.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/librte_cfgfile/rte_cfgfile.c b/lib/librte_cfgfile/rte_cfgfile.c index 7d8c941ea..3296bb6f8 100644 --- a/lib/librte_cfgfile/rte_cfgfile.c +++ b/lib/librte_cfgfile/rte_cfgfile.c @@ -8,6 +8,7 @@ #include #include #include +#include #include "rte_cfgfile.h" @@ -224,10 +225,11 @@ rte_cfgfile_load_with_params(const char *filename, int flags, _strip(split[1], strlen(split[1])); char *end = memchr(split[1], '\\', strlen(split[1])); + size_t split_len = strlen(split[1]) + 1; while (end != NULL) { if (*(end+1) == params->comment_character) { *end = '\0'; - strcat(split[1], end+1); + strlcat(split[1], end+1, split_len); } else end++; end = memchr(end, '\\', strlen(end)); -- 2.17.2