From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga09.intel.com (mga09.intel.com [134.134.136.24]) by dpdk.org (Postfix) with ESMTP id 1503B2C66 for ; Tue, 20 Feb 2018 16:11:17 +0100 (CET) X-Amp-Result: UNSCANNABLE X-Amp-File-Uploaded: False Received: from orsmga003.jf.intel.com ([10.7.209.27]) by orsmga102.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 20 Feb 2018 07:11:16 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.46,539,1511856000"; d="scan'208";a="29345467" Received: from bricha3-mobl3.ger.corp.intel.com ([10.237.221.77]) by orsmga003.jf.intel.com with SMTP; 20 Feb 2018 07:11:15 -0800 Received: by (sSMTP sendmail emulation); Tue, 20 Feb 2018 15:11:14 +0000 Date: Tue, 20 Feb 2018 15:11:13 +0000 From: Bruce Richardson To: Remy Horton Cc: dev@dpdk.org Message-ID: <20180220151113.GB14804@bricha3-MOBL3.ger.corp.intel.com> References: <20180220145001.18442-1-remy.horton@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20180220145001.18442-1-remy.horton@intel.com> Organization: Intel Research and Development Ireland Ltd. User-Agent: Mutt/1.9.1 (2017-09-22) Subject: Re: [dpdk-dev] [PATCH v1] metrics: fix potential missing NULL termination X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Feb 2018 15:11:18 -0000 On Tue, Feb 20, 2018 at 02:50:01PM +0000, Remy Horton wrote: > Fixes a potential memory overrun detected by Coverity. > This overrun cannot currently happen in practice because > rte_metrics_reg_names() explicitly forces the last name > character to be a NULL terminator. This patch adds the > same enforcement to rte_metrics_get_names() in order to > correct the warning. > > Coverity issue: 143434 > Fixes: 349950ddb9c5 ("metrics: add information metrics library") > > Signed-off-by: Remy Horton > --- > lib/librte_metrics/rte_metrics.c | 7 ++++++- > 1 file changed, 6 insertions(+), 1 deletion(-) > > diff --git a/lib/librte_metrics/rte_metrics.c b/lib/librte_metrics/rte_metrics.c > index 556ae1b..958ef3d 100644 > --- a/lib/librte_metrics/rte_metrics.c > +++ b/lib/librte_metrics/rte_metrics.c > @@ -214,10 +214,15 @@ rte_metrics_get_names(struct rte_metric_name *names, > rte_spinlock_unlock(&stats->lock); > return return_value; > } > - for (idx_name = 0; idx_name < stats->cnt_stats; idx_name++) > + for (idx_name = 0; idx_name < stats->cnt_stats; idx_name++) { > strncpy(names[idx_name].name, > stats->metadata[idx_name].name, > RTE_METRICS_MAX_NAME_LEN); > + /* Enforce NULL-termination. The source string should already > + * be NULL-terminated, so this is to quieten lint checks.. > + */ > + names[idx_name].name[RTE_METRICS_MAX_NAME_LEN - 1] = '\0'; > + } > } Again, I think the better fix is to replace strncpy with snprintf which will guarantee the null termination, unlike strncpy which is nasty that way. /Bruce