From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga07.intel.com (mga07.intel.com [134.134.136.100]) by dpdk.org (Postfix) with ESMTP id 4899E2C17; Wed, 13 Mar 2019 19:40:06 +0100 (CET) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga005.fm.intel.com ([10.253.24.32]) by orsmga105.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 13 Mar 2019 11:40:02 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.58,475,1544515200"; d="scan'208";a="328325842" Received: from fyigit-mobl.ger.corp.intel.com (HELO [10.237.221.46]) ([10.237.221.46]) by fmsmga005.fm.intel.com with ESMTP; 13 Mar 2019 11:40:00 -0700 To: Chaitanya Babu Talluri , dev@dpdk.org Cc: reshma.pattan@intel.com, jananeex.m.parthasarathy@intel.com, rmody@marvell.com, shshaikh@marvell.com, beilei.xing@intel.com, qi.z.zhang@intel.com, alejandro.lucero@netronome.com, pablo.de.lara.guarch@intel.com, declan.doherty@intel.com, stable@dpdk.org References: <1551791666-26746-1-git-send-email-tallurix.chaitanya.babu@intel.com> <1551963385-1234-1-git-send-email-tallurix.chaitanya.babu@intel.com> From: Ferruh Yigit Openpgp: preference=signencrypt Autocrypt: addr=ferruh.yigit@intel.com; prefer-encrypt=mutual; keydata= mQINBFXZCFABEADCujshBOAaqPZpwShdkzkyGpJ15lmxiSr3jVMqOtQS/sB3FYLT0/d3+bvy qbL9YnlbPyRvZfnP3pXiKwkRoR1RJwEo2BOf6hxdzTmLRtGtwWzI9MwrUPj6n/ldiD58VAGQ +iR1I/z9UBUN/ZMksElA2D7Jgg7vZ78iKwNnd+vLBD6I61kVrZ45Vjo3r+pPOByUBXOUlxp9 GWEKKIrJ4eogqkVNSixN16VYK7xR+5OUkBYUO+sE6etSxCr7BahMPKxH+XPlZZjKrxciaWQb +dElz3Ab4Opl+ZT/bK2huX+W+NJBEBVzjTkhjSTjcyRdxvS1gwWRuXqAml/sh+KQjPV1PPHF YK5LcqLkle+OKTCa82OvUb7cr+ALxATIZXQkgmn+zFT8UzSS3aiBBohg3BtbTIWy51jNlYdy ezUZ4UxKSsFuUTPt+JjHQBvF7WKbmNGS3fCid5Iag4tWOfZoqiCNzxApkVugltxoc6rG2TyX CmI2rP0mQ0GOsGXA3+3c1MCdQFzdIn/5tLBZyKy4F54UFo35eOX8/g7OaE+xrgY/4bZjpxC1 1pd66AAtKb3aNXpHvIfkVV6NYloo52H+FUE5ZDPNCGD0/btFGPWmWRmkPybzColTy7fmPaGz cBcEEqHK4T0aY4UJmE7Ylvg255Kz7s6wGZe6IR3N0cKNv++O7QARAQABtCVGZXJydWggWWln aXQgPGZlcnJ1aC55aWdpdEBpbnRlbC5jb20+iQJVBBMBAgA/AhsDBgsJCAcDAgYVCAIJCgsE FgIDAQIeAQIXgBYhBNI2U4dCLsKE45mBx/kz60PfE2EfBQJbughWBQkHwjOGAAoJEPkz60Pf E2Eft84QAIbKWqhgqRfoiw/BbXbA1+qm2o4UgkCRQ0yJgt9QsnbpOmPKydHH0ixCliNz1J8e mRXCkMini1bTpnzp7spOjQGLeAFkNFz6BMq8YF2mVWbGEDE9WgnAxZdi0eLY7ZQnHbE6AxKL SXmpe9INb6z3ztseFt7mqje/W/6DWYIMnH3Yz9KzxujFWDcq8UCAvPkxVQXLTMpauhFgYeEx Nub5HbvhxTfUkapLwRQsSd/HbywzqZ3s/bbYMjj5JO3tgMiM9g9HOjv1G2f1dQjHi5YQiTZl 1eIIqQ3pTic6ROaiZqNmQFXPsoOOFfXF8nN2zg8kl/sSdoXWHhama5hbwwtl1vdaygQYlmdK H2ueiFh/UvT3WG3waNv2eZiEbHV8Rk52Xyn2w1G90lV0fYC6Ket1Xjoch7kjwbx793Kz/RfQ rmBY8/S4DTGn3oq3dMdQY+b6+7VMUeLMMh2CXYO9ErkOq+qNTD1IY+cBAkXnaDbQfz0zbste ZGWH74FAZ9nCpDOqbRTrBL42aMGhfOWEyeA1x7+hl6JZfabBWAuf4nnCXuorKHzBXTrf7u7p fXsKQClWRW77PF1VmzrtKNVSytQAmlCWApQIw20AarFipXmVdIjHmJPU611WoyxZPb4JTOxx 5cv9B+nr/RIB+v5dcStyHCCwO1be7nBDdCgd4F6kTQPLuQINBFfWTL4BEACnNA29e8TarUsB L5n6eLZHXcFvVwNLVlirWOClHXf44o2KnN3ww+eBEmKVfEFo9MSuGDNHS8Zw1NiGMYxLIUgd U6gGrVVs/VrQWL82pbMk6jCj98N+BXIri+6K1z+AImz7ax7iF1kDgRAnFWU0znWWBgM2mM8Y gDjcxfXk4sCKnvf6Gjo08Ey5zmqx7dekAKU2EEp8Q1EJY3jbymLdZWRP4AFFMTS1rGMk0/tt v71NBg1GobCcbNfn9chK/jhqxYhAJqq86RdJQkt3/9x1U1Oq0vXCt4JVVHmkxePtUiuWTTt+ aYlUAsKYZsWvncExvw77x2ArYDmaK0yfjh37wp0lY7DOJHFxoyT8tyWZlLci/VMRG2Ja33xj 0CN4C1yBg+QDeV3QFxQo42iA/ykdXPUR3ezmsND3XKvVLTC4DNb3V/EZQ7jBj64+bEK0VW4G B31VP00ApNQvSoczsIOAKdk97RNbpmPw6q10ILIB+9T1xbnFYzshzGF17oC0/GENIHATx8vZ masOZoDiOZQpeneLgnFE9JfzhLTxv6wNZcc/HLXRQVTkDsQr8ERtkAoHCf1E5+b5Yr7pfnE4 YuhET746o25S53ELUYPIs49qoJsEJL34/oexMfPGyPIlrbufiNyty5jc/1MRwUlhJlJ5IOHy ZUa+6CLR7GdImusFkPJUJwARAQABiQI8BBgBAgAmAhsMFiEE0jZTh0IuwoTjmYHH+TPrQ98T YR8FAlu6CHAFCQXE7zIACgkQ+TPrQ98TYR9nXxAAqNBgkYNyGuWUuy0GwDQCbu3iiMyH1+D7 llafPcK4NYy1Z4AYuVwC9nmLaoj+ozdqS3ncRo57ncRsKEJC46nDJJZYZ5LSJVn63Y3NBF86 lxQAgjj2oyZEwaLKtKbAFsXL43jv1pUGgSvWwYtDwHITXXFQto9rZEuUDRFSx4sg9OR+Q6/6 LY+nQQ3OdHlBkflzYMPcWgDcvcTAO6yasLEUf7UcYoSWTyMYjLB4QuNlXzTswzGVMssJF/vo V8lD1eqqaSUWG3STF6GVLQOr1NLvN5+kUBiEStHFxBpgSCvYY9sNV8FS6N24CAWMBl+10W+D 2h1yiiP5dOdPcBDYKsgqDD91/sP0WdyMJkwdQJtD49f9f+lYloxHnSAxMleOpyscg1pldw+i mPaUY1bmIknLhhkqfMmjywQOXpac5LRMibAAYkcB8v7y3kwELnt8mhqqZy6LUsqcWygNbH/W K3GGt5tRpeIXeJ25x8gg5EBQ0Jnvp/IbBYQfPLtXH0Myq2QuAhk/1q2yEIbVjS+7iowEZNyE 56K63WBJxsJPB2mvmLgn98GqB4G6GufP1ndS0XDti/2K0o8rep9xoY/JDGi0n0L0tk9BHyoP Y7kaEpu7UyY3nVdRLe5H1/MnFG8hdJ97WqnPS0buYZlrbTV0nRFL/NI2VABl18vEEXvNQiO+ vM8= Message-ID: <75584dc7-b06f-67eb-903d-1e7b15544ff7@intel.com> Date: Wed, 13 Mar 2019 18:39:59 +0000 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.5.3 MIME-Version: 1.0 In-Reply-To: <1551963385-1234-1-git-send-email-tallurix.chaitanya.babu@intel.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Subject: Re: [dpdk-dev] [PATCH v5] drivers: fix possible overflow with strcat X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Mar 2019 18:40:07 -0000 On 3/7/2019 12:56 PM, Chaitanya Babu Talluri wrote: > strcat does not check the destination length and there might be > chances of string overflow so instead of strcat, strlcat is used. > > Fixes: 6f4eec2565 ("test/crypto: enhance scheduler unit tests") > Fixes: 540a211084 ("bnx2x: driver core") > Fixes: e163c18a15 ("net/i40e: update ptype and pctype info") > Cc: stable@dpdk.org > > Signed-off-by: Chaitanya Babu Talluri > --- > v5: Removed strcat. You also dropped "drivers/net/nfp/nfpcore/nfp_cpp_pcie_ops.c" change which was in v4, intentional? > v4: Corrected usage of strlcat. > v3: Instead of strncat, used strlcat. > v2: Instead of strncat, used snprintf. > --- > app/test/test_cryptodev.c | 3 ++- test_cryptodev.c is not driver, also for organizational issues, can you send it as separate patch? When it is removed, you can use "drivers/net: ..." in patch title. > drivers/net/bnx2x/bnx2x.c | 5 +++-- > drivers/net/i40e/i40e_ethdev.c | 4 ++-- > 3 files changed, 7 insertions(+), 5 deletions(-) > > diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c > index 32f1893bc..8d5c138a5 100644 > --- a/app/test/test_cryptodev.c > +++ b/app/test/test_cryptodev.c > @@ -11,6 +11,7 @@ > #include > #include > #include > +#include > > #include > #include > @@ -375,7 +376,7 @@ testsuite_setup(void) > snprintf(vdev_args, sizeof(vdev_args), > "%s%d", temp_str, i); > strcpy(temp_str, vdev_args); > - strcat(temp_str, ";"); > + strlcat(temp_str, ";", sizeof(temp_str)); > slave_core_count++; > socket_id = lcore_config[i].socket_id; > } > diff --git a/drivers/net/bnx2x/bnx2x.c b/drivers/net/bnx2x/bnx2x.c > index 26b3828e8..ab092e23f 100644 > --- a/drivers/net/bnx2x/bnx2x.c > +++ b/drivers/net/bnx2x/bnx2x.c > @@ -25,6 +25,7 @@ > #include > #include > #include > +#include > > #define BNX2X_PMD_VER_PREFIX "BNX2X PMD" > #define BNX2X_PMD_VERSION_MAJOR 1 > @@ -11741,13 +11742,13 @@ static const char *get_bnx2x_flags(uint32_t flags) > > for (i = 0; i < 5; i++) > if (flags & (1 << i)) { > - strcat(flag_str, flag[i]); > + strlcat(flag_str, flag[i], sizeof(flag_str)); > flags ^= (1 << i); > } > if (flags) { > static char unknown[BNX2X_INFO_STR_MAX]; > snprintf(unknown, 32, "Unknown flag mask %x", flags); > - strcat(flag_str, unknown); > + strlcat(flag_str, unknown, sizeof(flag_str)); > } > return flag_str; > } > diff --git a/drivers/net/i40e/i40e_ethdev.c b/drivers/net/i40e/i40e_ethdev.c > index dca61f03a..9bc9a4390 100644 > --- a/drivers/net/i40e/i40e_ethdev.c > +++ b/drivers/net/i40e/i40e_ethdev.c > @@ -12201,8 +12201,8 @@ i40e_update_customized_pctype(struct rte_eth_dev *dev, uint8_t *pkg, > for (n = 0; n < proto_num; n++) { > if (proto[n].proto_id != proto_id) > continue; > - strcat(name, proto[n].name); > - strcat(name, "_"); > + strlcat(name, proto[n].name, sizeof(name)); > + strlcat(name, "_", sizeof(name)); > break; > } > } >