Re: [dpdk-dev] [PATCH] eal/trace: fix coverity issues

DPDK patches and discussions
 help / color / mirror / Atom feed

From: David Marchand <david.marchand@redhat.com>
To: Sunil Kumar Kori <skori@marvell.com>
Cc: Jerin Jacob <jerinj@marvell.com>, dev <dev@dpdk.org>
Subject: Re: [dpdk-dev] [PATCH] eal/trace: fix coverity issues
Date: Mon, 27 Apr 2020 14:26:06 +0200	[thread overview]
Message-ID: <CAJFAV8wAgy2P5dqnL=-ZygDeh4nSVLqM4suPxFJbZo9yxpvRgg@mail.gmail.com> (raw)
In-Reply-To: <20200427120424.22728-1-skori@marvell.com>

On Mon, Apr 27, 2020 at 2:04 PM Sunil Kumar Kori <skori@marvell.com> wrote:
>
> Pointer was being dereferenced without NULL checking.
>
> Coverity issue: 357768
>
> Fixes: 8c8066ea6a7b ("trace: add trace mode configuration parameter")
>
> Signed-off-by: Sunil Kumar Kori <skori@marvell.com>
> ---
>  lib/librte_eal/common/eal_common_trace_utils.c | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/lib/librte_eal/common/eal_common_trace_utils.c b/lib/librte_eal/common/eal_common_trace_utils.c
> index fce8892c3..119e97119 100644
> --- a/lib/librte_eal/common/eal_common_trace_utils.c
> +++ b/lib/librte_eal/common/eal_common_trace_utils.c
> @@ -227,15 +227,16 @@ int
>  eal_trace_mode_args_save(const char *optarg)
>  {
>         struct trace *trace = trace_obj_get();
> -       size_t len = strlen(optarg);
>         unsigned long tmp;
>         char *pattern;
> +       size_t len;
>
>         if (optarg == NULL) {
>                 trace_err("no optarg is passed");
>                 return -EINVAL;
>         }
>
> +       len = strlen(optarg);
>         if (len == 0) {
>                 trace_err("value is not provided with option");
>                 return -EINVAL;

I was looking at some gcc 10 complaints on string manipulation later
in eal_trace_dir_args_save().

https://build.opensuse.org/package/live_build_log/home:dmarchan:branches:home:bluca:dpdk/dpdk/Fedora_Rawhide/x86_64

[  126s]   CC rte_malloc.o
[  127s] /home/abuild/rpmbuild/BUILD/dpdk-1587835122.b13ace300/lib/librte_eal/common/eal_common_trace_utils.c:
In function 'eal_trace_dir_args_save':
[  127s] /home/abuild/rpmbuild/BUILD/dpdk-1587835122.b13ace300/lib/librte_eal/common/eal_common_trace_utils.c:290:24:
error: 'sprintf' may write a terminating nul past the end of the
destination [-Werror=format-overflow=]
[  127s]   290 |  sprintf(dir_path, "%s/", optarg);
[  127s]       |                        ^
[  127s] /home/abuild/rpmbuild/BUILD/dpdk-1587835122.b13ace300/lib/librte_eal/common/eal_common_trace_utils.c:290:2:
note: 'sprintf' output between 2 and 4097 bytes into a destination of
size 4096
[  127s]   290 |  sprintf(dir_path, "%s/", optarg);
[  127s]       |  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[  127s] cc1: all warnings being treated as errors


Could we use asprintf in all this code and avoid malloc + sprintf ?


Something like the _untested_ snippet?

diff --git a/lib/librte_eal/common/eal_common_trace_utils.c
b/lib/librte_eal/common/eal_common_trace_utils.c
index fce8892c38..4769bade97 100644
--- a/lib/librte_eal/common/eal_common_trace_utils.c
+++ b/lib/librte_eal/common/eal_common_trace_utils.c
@@ -267,8 +267,7 @@ int
 eal_trace_dir_args_save(char const *optarg)
 {
        struct trace *trace = trace_obj_get();
-       uint32_t size = sizeof(trace->dir);
-       char *dir_path = NULL;
+       char *dir_path;
        int rc;

        if (optarg == NULL) {
@@ -276,19 +275,18 @@ eal_trace_dir_args_save(char const *optarg)
                return -EINVAL;
        }

-       if (strlen(optarg) >= size) {
-               trace_err("input string is too big");
-               return -ENAMETOOLONG;
-       }
-
-       dir_path = (char *)calloc(1, size);
-       if (dir_path == NULL) {
-               trace_err("fail to allocate memory");
+       rc = asprintf(&dir_path, "%s/", optarg);
+       if (rc == -1) {
+               trace_err("failed to copy directory: %s", strerror(errno));
                return -ENOMEM;
        }

-       sprintf(dir_path, "%s/", optarg);
-       rc = trace_dir_update(dir_path);
+       if ((size_t)rc >= sizeof(trace->dir)) {
+               trace_err("input string is too big");
+               rc = -ENAMETOOLONG;
+       } else {
+               rc = trace_dir_update(dir_path);
+       }

        free(dir_path);
        return rc;



-- 
David Marchand

next prev parent reply	other threads:[~2020-04-27 12:26 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-04-27 12:04 Sunil Kumar Kori
2020-04-27 12:26 ` David Marchand [this message]
2020-04-27 13:46   ` [dpdk-dev] [EXT] " Sunil Kumar Kori
2020-04-27 13:52     ` David Marchand
2020-04-27 14:00       ` Sunil Kumar Kori
2020-04-30 13:59       ` Sunil Kumar Kori

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAJFAV8wAgy2P5dqnL=-ZygDeh4nSVLqM4suPxFJbZo9yxpvRgg@mail.gmail.com' \
    --to=david.marchand@redhat.com \
    --cc=dev@dpdk.org \
    --cc=jerinj@marvell.com \
    --cc=skori@marvell.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).