From: Pallantla Poornima To: dev@dpdk.org Cc: reshma.pattan@intel.com, ferruh.yigit@intel.com, aconole@redhat.com, bruce.richardson@intel.com, stephen@networkplumber.org, Pallantla Poornima , stable@dpdk.org Date: Wed, 13 Mar 2019 11:07:23 +0000 Message-Id: <1552475243-16215-1-git-send-email-pallantlax.poornima@intel.com> X-Mailer: git-send-email 1.7.0.7 In-Reply-To: References: Subject: [dpdk-stable] [PATCH v2] app/test: fix sprintf with strlcat X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Mar 2019 11:08:22 -0000 sprintf function is not secure as it doesn't check the length of string. More secure function strlcat is used. Fixes: 727909c592 ("app/test: introduce dynamic commands list") Cc: stable@dpdk.org Signed-off-by: Pallantla Poornima --- v2: Used strlcat to avoid buffer overflow. --- app/test/commands.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/app/test/commands.c b/app/test/commands.c index 94fbc310e..8d5a03a95 100644 --- a/app/test/commands.c +++ b/app/test/commands.c @@ -44,6 +44,7 @@ #include #include #include +#include #include "test.h" @@ -365,23 +366,22 @@ cmdline_parse_ctx_t main_ctx[] = { int commands_init(void) { struct test_command *t; - char *commands, *ptr; + char *commands; int commands_len = 0; TAILQ_FOREACH(t, &commands_list, next) { commands_len += strlen(t->command) + 1; } - commands = malloc(commands_len + 1); + commands = (char *)calloc(commands_len, sizeof(char)); if (!commands) return -1; - ptr = commands; TAILQ_FOREACH(t, &commands_list, next) { - ptr += sprintf(ptr, "%s#", t->command); + strlcat(commands, t->command, commands_len); + if (TAILQ_NEXT(t, next) != NULL) + strlcat(commands, "#", commands_len); } - ptr--; - ptr[0] = '\0'; cmd_autotest_autotest.string_data.str = commands; return 0; -- 2.17.2
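Review bot: In commands_init(), `commands = (char *)calloc(commands_len, sizeof(char));` requests zero bytes when commands_list is empty, because commands_len is still 0 after the first TAILQ_FOREACH. A zero-size calloc is implementation-defined: it returns either NULL, so the function reports -1 for something that is not an allocation failure, or a pointer that must not be dereferenced, which is then stored in cmd_autotest_autotest.string_data.str as if it were a NUL-terminated string. Consider handling commands_len == 0 explicitly before the allocation, or allocating commands_len + 1 so there is always room for a terminator. For a non-empty list the size is exact (the sum of strlen + 1 covers every name, the n - 1 '#' separators and one NUL), and the zero fill from calloc is what makes the first strlcat() see an empty string; a short comment stating both would help, since the strlcat() return values are not checked and a later change to the separator logic would truncate silently. The (char *) cast on the calloc result is not needed in C.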