DPDK patches and discussions
 help / color / mirror / Atom feed
From: Thomas Monjalon <thomas@monjalon.net>
To: "Chaitanya Babu, TalluriX" <tallurix.chaitanya.babu@intel.com>
Cc: dev@dpdk.org, Ferruh Yigit <ferruh.yigit@intel.com>,
	"Richardson, Bruce" <bruce.richardson@intel.com>,
	"Pattan, Reshma" <reshma.pattan@intel.com>,
	"Parthasarathy, JananeeX M" <jananeex.m.parthasarathy@intel.com>,
	"Dumitrescu, Cristian" <cristian.dumitrescu@intel.com>,
	"stable@dpdk.org" <stable@dpdk.org>
Subject: Re: [dpdk-dev] [PATCH v2] lib/cfgfile: replace strcat with strlcat
Date: Fri, 05 Apr 2019 14:53:22 +0200	[thread overview]
Message-ID: <2188499.5WO9SvJthX@xps> (raw)
Message-ID: <20190405125322.LlewruB6IZwuMbMreA4WrJpA6IYFWkc3_qEC3Swh-kw@z> (raw)
In-Reply-To: <d5f01da4-b9a7-67f1-860a-dcd7c354da40@intel.com>

27/03/2019 12:37, Ferruh Yigit:
> On 3/26/2019 10:04 AM, Chaitanya Babu, TalluriX wrote:
> > From: Yigit, Ferruh
> >> On 3/8/2019 2:02 PM, Bruce Richardson wrote:
> >>> On Fri, Mar 08, 2019 at 12:45:50PM +0000, Chaitanya Babu Talluri wrote:
> >>>> Replace strcat with strlcat to avoid buffer overflow.
> >>>>
> >>>> Fixes: a6a47ac9c2 ("cfgfile: rework load function")
> >>>> Cc: stable@dpdk.org
> >>>>
> >>>> Signed-off-by: Chaitanya Babu Talluri
> >>>> <tallurix.chaitanya.babu@intel.com>
> >>>> ---
> >>>> @@ -224,10 +225,11 @@ rte_cfgfile_load_with_params(const char
> >> *filename, int flags,
> >>>>  			_strip(split[1], strlen(split[1]));
> >>>>  			char *end = memchr(split[1], '\\', strlen(split[1]));
> >>>>
> >>>> +			size_t split_len = strlen(split[1]) + 1;
> >>>>  			while (end != NULL) {
> >>>>  				if (*(end+1) == params->comment_character)
> >> {
> >>>>  					*end = '\0';
> >>>> -					strcat(split[1], end+1);
> >>>> +					strlcat(split[1], end+1, split_len);
> >>>
> >>> I don't think this will do what you want. Remember that strlcat takes
> >>> the total length of the buffer, which means that if split_len is set
> >>> to the current length (as you do before the while statement), then
> >>> passing that as the length parameter will cause strlcat to do nothing,
> >>> since it sees the buffer as already full.
> >>
> >> The logic doesn't lengthen the 'split[1]' content, indeed it reduces the initial
> >> size although it uses string concatenation, that is why it should be OK to use
> >> 'split_len' here.
> >>
> >> What code does is, it finds specific char in 'split' buffer and removes it by
> >> shifting remaining chars one byte to the left. So it shouldn't pass the initial size
> >> of the buffer.
> >>
> >> There is a overlapping strings concern, which 'strcat' & 'strlcat' don't support,
> >> but I guess it is OK here since we are sure that strings are separated by a
> >> NULL, so where a char read and written should be different although overall
> >> dst and src buffers overlap.
> > 
> > Yes, although the same string is manipulated the split string (*end = '\0') is separated with NULL.
> > Strlcat works fine here and expected concatenation  is happening.
> > If there are no further comments request for ACK please.
> 
> Acked-by: Ferruh Yigit <ferruh.yigit@intel.com>

Applied, thanks




  parent reply	other threads:[~2019-04-05 12:53 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-02-14  9:30 [dpdk-dev] [PATCH] lib: fix strcat with equivalent logic Chaitanya Babu Talluri
2019-02-14 14:00 ` Bruce Richardson
2019-03-08 12:45 ` [dpdk-dev] [PATCH v2] lib/cfgfile: replace strcat with strlcat Chaitanya Babu Talluri
2019-03-08 14:02   ` Bruce Richardson
2019-03-08 17:30     ` Ferruh Yigit
     [not found]       ` <761FB0F2AB727F4FA9CE98D18810B0151B1F18AA@BGSMSX103.gar.corp.intel.com>
2019-03-27 11:37         ` Ferruh Yigit
2019-03-27 11:37           ` Ferruh Yigit
2019-04-05 12:53           ` Thomas Monjalon [this message]
2019-04-05 12:53             ` Thomas Monjalon

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=2188499.5WO9SvJthX@xps \
    --to=thomas@monjalon.net \
    --cc=bruce.richardson@intel.com \
    --cc=cristian.dumitrescu@intel.com \
    --cc=dev@dpdk.org \
    --cc=ferruh.yigit@intel.com \
    --cc=jananeex.m.parthasarathy@intel.com \
    --cc=reshma.pattan@intel.com \
    --cc=stable@dpdk.org \
    --cc=tallurix.chaitanya.babu@intel.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).