From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by dpdk.org (Postfix) with ESMTP id 614261B8CD; Fri, 8 Feb 2019 15:04:53 +0100 (CET) X-Amp-Result: UNSCANNABLE X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga101.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 08 Feb 2019 06:04:51 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.58,347,1544515200"; d="scan'208";a="145242012" Received: from bricha3-mobl.ger.corp.intel.com ([10.252.19.243]) by fmsmga001.fm.intel.com with SMTP; 08 Feb 2019 06:04:49 -0800 Received: by (sSMTP sendmail emulation); Fri, 08 Feb 2019 14:04:48 +0000 Date: Fri, 8 Feb 2019 14:04:48 +0000 From: Bruce Richardson To: Pallantla Poornima Cc: dev@dpdk.org, reshma.pattan@intel.com, ferruh.yigit@intel.com, stable@dpdk.org Message-ID: <20190208140448.GA276636@bricha3-MOBL.ger.corp.intel.com> References: <1549632457-15892-1-git-send-email-pallantlax.poornima@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1549632457-15892-1-git-send-email-pallantlax.poornima@intel.com> User-Agent: Mutt/1.11.2 (2019-01-07) Subject: Re: [dpdk-dev] [PATCH] test: fix sprintf with snprintf X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Feb 2019 14:04:54 -0000 On Fri, Feb 08, 2019 at 01:27:37PM +0000, Pallantla Poornima wrote: > sprintf function is not secure as it doesn't check the length of string. > More secure function snprintf is used. > > Fixes: 727909c592 ("app/test: introduce dynamic commands list") > Cc: stable@dpdk.org > > Signed-off-by: Pallantla Poornima > --- > test/test/commands.c | 7 ++++++- > 1 file changed, 6 insertions(+), 1 deletion(-) > > diff --git a/test/test/commands.c b/test/test/commands.c > index 94fbc310e..5aeb35498 100644 > --- a/test/test/commands.c > +++ b/test/test/commands.c > @@ -367,6 +367,8 @@ int commands_init(void) > struct test_command *t; > char *commands, *ptr; > int commands_len = 0; > + int total_written = 0; > + int count = 0; > > TAILQ_FOREACH(t, &commands_list, next) { > commands_len += strlen(t->command) + 1; > @@ -378,7 +380,10 @@ int commands_init(void) > > ptr = commands; > TAILQ_FOREACH(t, &commands_list, next) { > - ptr += sprintf(ptr, "%s#", t->command); > + count = snprintf(ptr, commands_len - total_written - 1, "%s#", > + t->command); > + ptr += count; > + total_written += count; > } I don't think the "-1" should be necessary here. Also, I think you should check the return value of snprintf to check for truncation, and abort the loop if so. /Bruce