From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by dpdk.org (Postfix) with ESMTP id 27B0D2BD9 for ; Thu, 7 Apr 2016 18:06:14 +0200 (CEST) Received: from orsmga003.jf.intel.com ([10.7.209.27]) by orsmga101.jf.intel.com with ESMTP; 07 Apr 2016 09:04:00 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.24,449,1455004800"; d="scan'208";a="780167776" Received: from dwdohert-dpdk.ir.intel.com ([163.33.210.69]) by orsmga003.jf.intel.com with ESMTP; 07 Apr 2016 09:03:57 -0700 From: Declan Doherty To: Pablo de Lara , dev@dpdk.org References: <1460035389-49395-1-git-send-email-pablo.de.lara.guarch@intel.com> Message-ID: <57068423.4050007@intel.com> Date: Thu, 7 Apr 2016 17:00:35 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.7.1 MIME-Version: 1.0 In-Reply-To: <1460035389-49395-1-git-send-email-pablo.de.lara.guarch@intel.com> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: [dpdk-dev] [PATCH] l2fwd-crypto: fix coverity defect X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: patches and discussions about DPDK List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Apr 2016 16:06:15 -0000 On 07/04/16 14:23, Pablo de Lara wrote: > When parsing crypto device type, the string was being copied > with strcpy(), which could overflow the destination buffer > (which is 32 byte long), so snprintf() should be used instead. > > This fixes coverity issue 124575: > > /examples/l2fwd-crypto/main.c: 1005 in l2fwd_crypto_parse_args_long_options() > *** CID 124575: (STRING_OVERFLOW) > 999 > 1000 /* Authentication options */ > 1001 else if (strcmp(lgopts[option_index].name, "auth_algo") == 0) { > 1002 retval = parse_auth_algo(&options->auth_xform.auth.algo, > 1003 optarg); > 1004 if (retval == 0) >>>> CID 124575: (STRING_OVERFLOW) >>>> You might overrun the 32 byte fixed-size string "options->string_auth_algo" by copying "optarg" without checking the length. > 1005 strcpy(options->string_auth_algo, optarg); > 1006 return retval; > 1007 } > > Fixes: commit 49f79e86480d ("examples/l2fwd-crypto: add missing string initialization") > > Signed-off-by: Pablo de Lara > --- ... > Acked-by: Declan Doherty