From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-lf0-f41.google.com (mail-lf0-f41.google.com [209.85.215.41]) by dpdk.org (Postfix) with ESMTP id 6924A2C60 for ; Mon, 4 Apr 2016 10:00:50 +0200 (CEST) Received: by mail-lf0-f41.google.com with SMTP id p188so129802299lfd.0 for ; Mon, 04 Apr 2016 01:00:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=6wind-com.20150623.gappssmtp.com; s=20150623; h=subject:to:references:cc:from:message-id:date:user-agent :mime-version:in-reply-to:content-transfer-encoding; bh=/2q1+vaJu+jvNUxuxwnxMUu/CrQUpLYzFt2VbMrfuWs=; b=Az6sWIIza32ZLP0eam4jciagNUuVbCYNK4jgBZ1UlEg6cmz/G3A987dwcHdHZtkUmt tJbZOKyAbo+7iK07CT1VhxlW3+Pqft8aq+Zm4vYjDbMPk+Mv3V/yFbLo3818ARHarrin kfhJey9zLHbqJXKaF67o2/pjQLmyDGRr50MK77C6xjIlo7GFBhda6l8palrIs/JcXkad HjedjJixfFmcN2mPXJhc1FFBitWSjpH8QFHi72yA9LqoG54xfVRtKldF5nghhR5WVsJb f8yhScinD67qfkDkFG2HsM7NirZhSpbVl33CSclVV+ux9hh5mcaH3ZS/UAETdnTvkpcH LFJg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:subject:to:references:cc:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding; bh=/2q1+vaJu+jvNUxuxwnxMUu/CrQUpLYzFt2VbMrfuWs=; b=LrMMMhNjCt3lfMjL+e7VpvMwtFjqt8e9BPONR8578gz1bivHIMJX2M3pSzjm86c08d H5FRatQxwwaXBMADaooF9cZhsOa5/X1eu9r68aUJumCSxmd0SbJ3Xz1bN4O88JlcIvdj BHHPbZ6LY8TbZmxM3EWzPaAtOxi47laNlwaS92FFqvZxn9M/rywc2i86AjUDQp0AdEbd ocvIvQlb3t1N1M8U8CsXn9/BPq6yrwOkDq247KLcZMab5Q/TNNJmsZg3zk6huLfE7nB6 9Ys7vCeEw9JlfKiqXd6eL3lVZ5FFJYbqXRDuLuwY/Xa5mKGPnqFlct7+vI6QKXzdNDqQ VbMw== X-Gm-Message-State: AD7BkJKw2uFkWk82VmcTMwYpdSl97tzLSobPw6pN5ji7uZj0N7eq1CWfafJIQFvy5L21B8Ak X-Received: by 10.194.87.103 with SMTP id w7mr4652991wjz.13.1459756849841; Mon, 04 Apr 2016 01:00:49 -0700 (PDT) Received: from [192.168.0.10] (was59-1-82-226-113-214.fbx.proxad.net. [82.226.113.214]) by smtp.gmail.com with ESMTPSA id ll9sm27713494wjc.29.2016.04.04.01.00.48 (version=TLSv1/SSLv3 cipher=OTHER); Mon, 04 Apr 2016 01:00:49 -0700 (PDT) To: Piotr Azarewicz References: <1459510581-31392-1-git-send-email-piotrx.t.azarewicz@intel.com> Cc: dev@dpdk.org From: Olivier Matz X-Enigmail-Draft-Status: N1110 Message-ID: <57021F2E.8070306@6wind.com> Date: Mon, 4 Apr 2016 10:00:46 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Icedove/38.6.0 MIME-Version: 1.0 In-Reply-To: <1459510581-31392-1-git-send-email-piotrx.t.azarewicz@intel.com> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit Subject: Re: [dpdk-dev] [PATCH v1 1/1] cmdline: add any multi string mode to token string X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: patches and discussions about DPDK List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 04 Apr 2016 08:00:51 -0000 Hi Piotr, This is globally ok for me. Please see a comment below. On 04/01/2016 01:36 PM, Piotr Azarewicz wrote: > @@ -162,12 +174,15 @@ cmdline_parse_string(cmdline_parse_token_hdr_t *tk, const char *buf, void *res, > } > > if (res) { > - /* we are sure that token_len is < STR_TOKEN_SIZE-1 */ > - snprintf(res, STR_TOKEN_SIZE, "%s", buf); > - *((char *)res + token_len) = 0; > + if ((sd->str != NULL) && (strcmp(sd->str, TOKEN_STRING_MULTI) == 0)) > + snprintf(res, token_len + 1, "%s", buf); > + else { > + /* we are sure that token_len is < STR_TOKEN_SIZE-1 */ > + snprintf(res, STR_TOKEN_SIZE, "%s", buf); > + *((char *)res + token_len) = 0; > + } > } > Using token_len + 1 as the buffer size in the snprintf looks a bit dangerous, as it won't protect from overflows. See the following example: struct cmd_foo_result { cmdline_fixed_string_t args; cmdline_fixed_string_t foo; }; static void cmd_foo_parsed(void *parsed_result, __rte_unused struct cmdline *cl, __rte_unused void *data) { struct cmd_foo_result *res = parsed_result; printf("foo=%s, args=%s\n", res->foo, res->args); } cmdline_parse_token_string_t cmd_foo_foo = TOKEN_STRING_INITIALIZER(struct cmd_foo_result, foo, "foo"); cmdline_parse_token_string_t cmd_foo_args = TOKEN_STRING_INITIALIZER(struct cmd_foo_result, args, TOKEN_STRING_MULTI); cmdline_parse_inst_t cmd_foo = { .f = cmd_foo_parsed, /* function to call */ .data = NULL, /* 2nd arg of func */ .help_str = "test", .tokens = { /* token list, NULL terminated */ (void *)&cmd_foo_foo, (void *)&cmd_foo_args, NULL, }, }; The result will be: # ok RTE>>foo xxx foo=foo, args=xxx # not ok, args overflows in foo RTE>>foo xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx foo=xxxxxxxxxxxxxxxxxxxxxxx, args=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx That's why snprintf() should still use STR_TOKEN_SIZE. Regards, Olivier