[dpdk-dev] [PATCH v1 1/1] app/procinfo: buffer null termination fix.

DPDK patches and discussions
 help / color / mirror / Atom feed

* [dpdk-dev] [PATCH v1 1/1] app/procinfo: buffer null termination fix.
@ 2017-04-21 15:06 Roman Korynkevych
  2017-05-06  9:03 ` Thomas Monjalon
  0 siblings, 1 reply; 3+ messages in thread
From: Roman Korynkevych @ 2017-04-21 15:06 UTC (permalink / raw)
  To: dev; +Cc: harry.van.haaren, maryam.tahhan, Roman Korynkevych, stable

Coverity issue: 143252
Fixes: 2deb6b5246d7706448d070335b329d1acb754cee ("app/procinfo: add collectd format and host id")
Cc: stable@dpdk.org

Signed-off-by: Roman Korynkevych <romanx.korynkevych@intel.com>
---
 app/proc_info/main.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/proc_info/main.c b/app/proc_info/main.c
index 16b27b2..97d0352 100644
--- a/app/proc_info/main.c
+++ b/app/proc_info/main.c
@@ -189,7 +189,7 @@ proc_info_preparse_args(int argc, char **argv)
 				proc_info_usage(prgname);
 				return -1;
 			}
-			strncpy(host_id, argv[i+1], sizeof(host_id));
+			strncpy(host_id, argv[i+1], sizeof(host_id)-1);
 		}
 	}
 
-- 
2.1.0

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [dpdk-dev] [PATCH v1 1/1] app/procinfo: buffer null termination fix.
  2017-04-21 15:06 [dpdk-dev] [PATCH v1 1/1] app/procinfo: buffer null termination fix Roman Korynkevych
@ 2017-05-06  9:03 ` Thomas Monjalon
  2017-05-07 20:18   ` Bruce Richardson
  0 siblings, 1 reply; 3+ messages in thread
From: Thomas Monjalon @ 2017-05-06  9:03 UTC (permalink / raw)
  To: Roman Korynkevych, maryam.tahhan, reshma.pattan; +Cc: dev, harry.van.haaren

21/04/2017 17:06, Roman Korynkevych:
> Coverity issue: 143252
> Fixes: 2deb6b5246d7706448d070335b329d1acb754cee ("app/procinfo: add collectd format and host id")
> Cc: stable@dpdk.org
> 
> Signed-off-by: Roman Korynkevych <romanx.korynkevych@intel.com>
> ---
>  app/proc_info/main.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/app/proc_info/main.c b/app/proc_info/main.c
> index 16b27b2..97d0352 100644
> --- a/app/proc_info/main.c
> +++ b/app/proc_info/main.c
> @@ -189,7 +189,7 @@ proc_info_preparse_args(int argc, char **argv)
>  				proc_info_usage(prgname);
>  				return -1;
>  			}
> -			strncpy(host_id, argv[i+1], sizeof(host_id));
> +			strncpy(host_id, argv[i+1], sizeof(host_id)-1);

The full array size should be given to strncpy.
However, the call to gethostname below seems wrong as
it does not use the full size.

Maryam, Reshma,
Please review the procinfo patches.

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [dpdk-dev] [PATCH v1 1/1] app/procinfo: buffer null termination fix.
  2017-05-06  9:03 ` Thomas Monjalon
@ 2017-05-07 20:18   ` Bruce Richardson
  0 siblings, 0 replies; 3+ messages in thread
From: Bruce Richardson @ 2017-05-07 20:18 UTC (permalink / raw)
  To: Thomas Monjalon
  Cc: Roman Korynkevych, maryam.tahhan, reshma.pattan, dev, harry.van.haaren

On Sat, May 06, 2017 at 11:03:47AM +0200, Thomas Monjalon wrote:
> 21/04/2017 17:06, Roman Korynkevych:
> > Coverity issue: 143252
> > Fixes: 2deb6b5246d7706448d070335b329d1acb754cee ("app/procinfo: add collectd format and host id")
> > Cc: stable@dpdk.org
> > 
> > Signed-off-by: Roman Korynkevych <romanx.korynkevych@intel.com>
> > ---
> >  app/proc_info/main.c | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> > 
> > diff --git a/app/proc_info/main.c b/app/proc_info/main.c
> > index 16b27b2..97d0352 100644
> > --- a/app/proc_info/main.c
> > +++ b/app/proc_info/main.c
> > @@ -189,7 +189,7 @@ proc_info_preparse_args(int argc, char **argv)
> >  				proc_info_usage(prgname);
> >  				return -1;
> >  			}
> > -			strncpy(host_id, argv[i+1], sizeof(host_id));
> > +			strncpy(host_id, argv[i+1], sizeof(host_id)-1);
> 
> The full array size should be given to strncpy.
> However, the call to gethostname below seems wrong as
> it does not use the full size.
> 
> Maryam, Reshma,
> Please review the procinfo patches.

Strncpy is dangerous and should not be used in DPDK. Ideally, I'd like
to see us start using strlcpy(), but in the meantime the best practice
in DPDK seems to be to use snprintf in place of strcpy/strncpy.

/Bruce

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2017-05-07 20:18 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-04-21 15:06 [dpdk-dev] [PATCH v1 1/1] app/procinfo: buffer null termination fix Roman Korynkevych
2017-05-06  9:03 ` Thomas Monjalon
2017-05-07 20:18   ` Bruce Richardson

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).