From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga07.intel.com (mga07.intel.com [134.134.136.100]) by dpdk.org (Postfix) with ESMTP id 3D2E31C00 for ; Sun, 7 May 2017 22:18:49 +0200 (CEST) Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by orsmga105.jf.intel.com with ESMTP; 07 May 2017 13:18:47 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.38,305,1491289200"; d="scan'208";a="1165843690" Received: from bricha3-mobl3.ger.corp.intel.com ([10.254.178.194]) by fmsmga002.fm.intel.com with SMTP; 07 May 2017 13:18:45 -0700 Received: by (sSMTP sendmail emulation); Sun, 07 May 2017 21:18:44 +0100 Date: Sun, 7 May 2017 21:18:44 +0100 From: Bruce Richardson To: Thomas Monjalon Cc: Roman Korynkevych , maryam.tahhan@intel.com, reshma.pattan@intel.com, dev@dpdk.org, harry.van.haaren@intel.com Message-ID: <20170507201841.GA46676@bricha3-MOBL3.ger.corp.intel.com> References: <1492787196-9101-1-git-send-email-romanx.korynkevych@intel.com> <2111266.yHnu9HNQaI@xps> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <2111266.yHnu9HNQaI@xps> Organization: Intel Research and =?iso-8859-1?Q?De=ACvel?= =?iso-8859-1?Q?opment?= Ireland Ltd. User-Agent: Mutt/1.8.0 (2017-02-23) Subject: Re: [dpdk-dev] [PATCH v1 1/1] app/procinfo: buffer null termination fix. X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 07 May 2017 20:18:50 -0000 On Sat, May 06, 2017 at 11:03:47AM +0200, Thomas Monjalon wrote: > 21/04/2017 17:06, Roman Korynkevych: > > Coverity issue: 143252 > > Fixes: 2deb6b5246d7706448d070335b329d1acb754cee ("app/procinfo: add collectd format and host id") > > Cc: stable@dpdk.org > > > > Signed-off-by: Roman Korynkevych > > --- > > app/proc_info/main.c | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/app/proc_info/main.c b/app/proc_info/main.c > > index 16b27b2..97d0352 100644 > > --- a/app/proc_info/main.c > > +++ b/app/proc_info/main.c > > @@ -189,7 +189,7 @@ proc_info_preparse_args(int argc, char **argv) > > proc_info_usage(prgname); > > return -1; > > } > > - strncpy(host_id, argv[i+1], sizeof(host_id)); > > + strncpy(host_id, argv[i+1], sizeof(host_id)-1); > > The full array size should be given to strncpy. > However, the call to gethostname below seems wrong as > it does not use the full size. > > Maryam, Reshma, > Please review the procinfo patches. Strncpy is dangerous and should not be used in DPDK. Ideally, I'd like to see us start using strlcpy(), but in the meantime the best practice in DPDK seems to be to use snprintf in place of strcpy/strncpy. /Bruce