From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga04.intel.com (mga04.intel.com [192.55.52.120]) by dpdk.org (Postfix) with ESMTP id 67C84532C; Tue, 9 Apr 2019 15:06:53 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by fmsmga104.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 09 Apr 2019 06:06:51 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.60,329,1549958400"; d="scan'208";a="141295654" Received: from irvmail001.ir.intel.com ([163.33.26.43]) by fmsmga007.fm.intel.com with ESMTP; 09 Apr 2019 06:06:50 -0700 Received: from wgcvswdev001.ir.intel.com (wgcvswdev001.ir.intel.com [10.102.246.100]) by irvmail001.ir.intel.com (8.14.3/8.13.6/MailSET/Hub) with ESMTP id x39D6n1j027937; Tue, 9 Apr 2019 14:06:49 +0100 Received: from wgcvswdev001.ir.intel.com (localhost [127.0.0.1]) by wgcvswdev001.ir.intel.com with ESMTP id x39D67mO009593; Tue, 9 Apr 2019 14:06:07 +0100 Received: (from ppoornix@localhost) by wgcvswdev001.ir.intel.com with œ id x39D67Y8009589; Tue, 9 Apr 2019 14:06:07 +0100 From: Pallantla Poornima To: dev@dpdk.org Cc: reshma.pattan@intel.com, amr.mokhtar@intel.com, Pallantla Poornima , stable@dpdk.org Date: Tue, 9 Apr 2019 14:05:40 +0100 Message-Id: <1554815140-9407-1-git-send-email-pallantlax.poornima@intel.com> X-Mailer: git-send-email 1.7.0.7 In-Reply-To: <1550487010-730-1-git-send-email-pallantlax.poornima@intel.com> References: <1550487010-730-1-git-send-email-pallantlax.poornima@intel.com> Subject: [dpdk-dev] [PATCH v3] app/testbbdev: fix sprintf with snprintf or strlcpy X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 09 Apr 2019 13:06:54 -0000 sprintf function is not secure as it doesn't check the length of string. More secure function snprintf and strlcpy is used. Fixes: f714a18885 ("app/testbbdev: add test application for bbdev") Cc: stable@dpdk.org Signed-off-by: Pallantla Poornima Acked-by: Amr Mokhtar --- v3: Added Ack. v2: Used strlcpy instead of snprintf as suggested. --- app/test-bbdev/test_bbdev.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/app/test-bbdev/test_bbdev.c b/app/test-bbdev/test_bbdev.c index a914817bc..137c74cde 100644 --- a/app/test-bbdev/test_bbdev.c +++ b/app/test-bbdev/test_bbdev.c @@ -14,6 +14,8 @@ #include #include #include +#include +#include #include "main.h" @@ -788,14 +790,14 @@ test_bbdev_driver_init(void) /* Initialize the maximum amount of devices */ do { - sprintf(name_tmp, "%s%i", "name_", num_devs); + snprintf(name_tmp, sizeof(name_tmp), "%s%i", "name_", num_devs); dev2 = rte_bbdev_allocate(name_tmp); TEST_ASSERT(dev2 != NULL, "Failed to initialize bbdev driver"); ++num_devs; } while (num_devs < (RTE_BBDEV_MAX_DEVS - 1)); - sprintf(name_tmp, "%s%i", "name_", num_devs); + snprintf(name_tmp, sizeof(name_tmp), "%s%i", "name_", num_devs); dev2 = rte_bbdev_allocate(name_tmp); TEST_ASSERT(dev2 == NULL, "Failed to initialize bbdev driver number %d " "more drivers than RTE_BBDEV_MAX_DEVS: %d ", num_devs, @@ -804,7 +806,7 @@ test_bbdev_driver_init(void) num_devs--; while (num_devs >= num_devs_tmp) { - sprintf(name_tmp, "%s%i", "name_", num_devs); + snprintf(name_tmp, sizeof(name_tmp), "%s%i", "name_", num_devs); dev2 = rte_bbdev_get_named_dev(name_tmp); TEST_ASSERT_SUCCESS(rte_bbdev_release(dev2), "Failed to uninitialize bbdev driver %s ", @@ -825,7 +827,7 @@ test_bbdev_driver_init(void) TEST_ASSERT_FAIL(rte_bbdev_release(NULL), "Failed to uninitialize bbdev driver with NULL bbdev"); - sprintf(name_tmp, "%s", "invalid_name"); + strlcpy(name_tmp, "invalid_name", sizeof(name_tmp)); dev2 = rte_bbdev_get_named_dev(name_tmp); TEST_ASSERT_FAIL(rte_bbdev_release(dev2), "Failed to uninitialize bbdev driver with invalid name"); -- 2.17.2 From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by dpdk.space (Postfix) with ESMTP id EE511A0096 for ; Tue, 9 Apr 2019 15:06:56 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id A39E0548B; Tue, 9 Apr 2019 15:06:55 +0200 (CEST) Received: from mga04.intel.com (mga04.intel.com [192.55.52.120]) by dpdk.org (Postfix) with ESMTP id 67C84532C; Tue, 9 Apr 2019 15:06:53 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by fmsmga104.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 09 Apr 2019 06:06:51 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.60,329,1549958400"; d="scan'208";a="141295654" Received: from irvmail001.ir.intel.com ([163.33.26.43]) by fmsmga007.fm.intel.com with ESMTP; 09 Apr 2019 06:06:50 -0700 Received: from wgcvswdev001.ir.intel.com (wgcvswdev001.ir.intel.com [10.102.246.100]) by irvmail001.ir.intel.com (8.14.3/8.13.6/MailSET/Hub) with ESMTP id x39D6n1j027937; Tue, 9 Apr 2019 14:06:49 +0100 Received: from wgcvswdev001.ir.intel.com (localhost [127.0.0.1]) by wgcvswdev001.ir.intel.com with ESMTP id x39D67mO009593; Tue, 9 Apr 2019 14:06:07 +0100 Received: (from ppoornix@localhost) by wgcvswdev001.ir.intel.com with œ id x39D67Y8009589; Tue, 9 Apr 2019 14:06:07 +0100 From: Pallantla Poornima To: dev@dpdk.org Cc: reshma.pattan@intel.com, amr.mokhtar@intel.com, Pallantla Poornima , stable@dpdk.org Date: Tue, 9 Apr 2019 14:05:40 +0100 Message-Id: <1554815140-9407-1-git-send-email-pallantlax.poornima@intel.com> X-Mailer: git-send-email 1.7.0.7 In-Reply-To: <1550487010-730-1-git-send-email-pallantlax.poornima@intel.com> References: <1550487010-730-1-git-send-email-pallantlax.poornima@intel.com> Subject: [dpdk-dev] [PATCH v3] app/testbbdev: fix sprintf with snprintf or strlcpy X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Content-Type: text/plain; charset="UTF-8" Message-ID: <20190409130540.NJ3qdox6JocmbJkTCMQTnGyjhZm9UNUR13g-aNOy84M@z> sprintf function is not secure as it doesn't check the length of string. More secure function snprintf and strlcpy is used. Fixes: f714a18885 ("app/testbbdev: add test application for bbdev") Cc: stable@dpdk.org Signed-off-by: Pallantla Poornima Acked-by: Amr Mokhtar --- v3: Added Ack. v2: Used strlcpy instead of snprintf as suggested. --- app/test-bbdev/test_bbdev.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/app/test-bbdev/test_bbdev.c b/app/test-bbdev/test_bbdev.c index a914817bc..137c74cde 100644 --- a/app/test-bbdev/test_bbdev.c +++ b/app/test-bbdev/test_bbdev.c @@ -14,6 +14,8 @@ #include #include #include +#include +#include #include "main.h" @@ -788,14 +790,14 @@ test_bbdev_driver_init(void) /* Initialize the maximum amount of devices */ do { - sprintf(name_tmp, "%s%i", "name_", num_devs); + snprintf(name_tmp, sizeof(name_tmp), "%s%i", "name_", num_devs); dev2 = rte_bbdev_allocate(name_tmp); TEST_ASSERT(dev2 != NULL, "Failed to initialize bbdev driver"); ++num_devs; } while (num_devs < (RTE_BBDEV_MAX_DEVS - 1)); - sprintf(name_tmp, "%s%i", "name_", num_devs); + snprintf(name_tmp, sizeof(name_tmp), "%s%i", "name_", num_devs); dev2 = rte_bbdev_allocate(name_tmp); TEST_ASSERT(dev2 == NULL, "Failed to initialize bbdev driver number %d " "more drivers than RTE_BBDEV_MAX_DEVS: %d ", num_devs, @@ -804,7 +806,7 @@ test_bbdev_driver_init(void) num_devs--; while (num_devs >= num_devs_tmp) { - sprintf(name_tmp, "%s%i", "name_", num_devs); + snprintf(name_tmp, sizeof(name_tmp), "%s%i", "name_", num_devs); dev2 = rte_bbdev_get_named_dev(name_tmp); TEST_ASSERT_SUCCESS(rte_bbdev_release(dev2), "Failed to uninitialize bbdev driver %s ", @@ -825,7 +827,7 @@ test_bbdev_driver_init(void) TEST_ASSERT_FAIL(rte_bbdev_release(NULL), "Failed to uninitialize bbdev driver with NULL bbdev"); - sprintf(name_tmp, "%s", "invalid_name"); + strlcpy(name_tmp, "invalid_name", sizeof(name_tmp)); dev2 = rte_bbdev_get_named_dev(name_tmp); TEST_ASSERT_FAIL(rte_bbdev_release(dev2), "Failed to uninitialize bbdev driver with invalid name"); -- 2.17.2