From: Stephen Hemminger <stephen@networkplumber.org>
To: "Min Hu (Connor)" <humin29@huawei.com>
Cc: <dev@dpdk.org>, <ferruh.yigit@intel.com>,
<cristian.dumitrescu@intel.com>, <jerinj@marvell.com>,
<jianjay.zhou@huawei.com>, <jia.guo@intel.com>, <g.singh@nxp.com>,
<andrew.rybchenko@oktetlabs.ru>, <hemant.agrawal@nxp.com>,
<orika@nvidia.com>
Subject: Re: [dpdk-dev] [PATCH 06/10] lib/librte_pipeline: fix the use of unsafe strcpy
Date: Fri, 30 Jun 2023 11:08:51 -0700 [thread overview]
Message-ID: <20230630110851.491aa2aa@hermes.local> (raw)
In-Reply-To: <1618839289-33224-7-git-send-email-humin29@huawei.com>
On Mon, 19 Apr 2021 21:34:45 +0800
"Min Hu (Connor)" <humin29@huawei.com> wrote:
> From: HongBo Zheng <zhenghongbo3@huawei.com>
>
> 'strcpy' is called in rte_swx_ctl_table_info_get, this function
> is unsafe, use 'strncpy' instead.
>
> Fixes: 393b96e2aa2a ("pipeline: add SWX pipeline query API")
> Cc: stable@dpdk.org
>
> Signed-off-by: HongBo Zheng <zhenghongbo3@huawei.com>
> Signed-off-by: Min Hu (Connor) <humin29@huawei.com>
> ---
> lib/librte_pipeline/rte_swx_pipeline.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/lib/librte_pipeline/rte_swx_pipeline.c b/lib/librte_pipeline/rte_swx_pipeline.c
> index 4455d91..d4db4dd 100644
> --- a/lib/librte_pipeline/rte_swx_pipeline.c
> +++ b/lib/librte_pipeline/rte_swx_pipeline.c
> @@ -9447,8 +9447,8 @@ rte_swx_ctl_table_info_get(struct rte_swx_pipeline *p,
> if (!t)
> return -EINVAL;
>
> - strcpy(table->name, t->name);
> - strcpy(table->args, t->args);
> + strncpy(table->name, t->name, RTE_SWX_CTL_NAME_SIZE);
> + strncpy(table->args, t->args, RTE_SWX_CTL_NAME_SIZE);
> table->n_match_fields = t->n_fields;
> table->n_actions = t->n_actions;
> table->default_action_is_const = t->default_action_is_const;
This patch is unnecessary.
Both structures declare the same size for the name and args.
Therefore the strcpy is always safe as long as the table structure
is correctly setup with null terminated string. If not there are worse bugs.
next prev parent reply other threads:[~2023-06-30 18:08 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-04-19 13:34 [dpdk-dev] [PATCH 00/10] fixes for clean code Min Hu (Connor)
2021-04-19 13:34 ` [dpdk-dev] [PATCH 01/10] net/pfe: check return value Min Hu (Connor)
2023-06-30 17:59 ` Stephen Hemminger
2021-04-19 13:34 ` [dpdk-dev] [PATCH 02/10] common/sfc_efx/base: delete redundant handling Min Hu (Connor)
2021-04-20 9:33 ` Andrew Rybchenko
2021-04-20 9:42 ` Min Hu (Connor)
2021-04-19 13:34 ` [dpdk-dev] [PATCH 03/10] bus/dpaa: fix management command init calling Min Hu (Connor)
2021-04-20 9:35 ` Andrew Rybchenko
2021-04-20 9:54 ` Min Hu (Connor)
2021-04-19 13:34 ` [dpdk-dev] [PATCH 04/10] app/regex: fix division by zero Min Hu (Connor)
2021-04-19 17:48 ` Ori Kam
2021-04-19 13:34 ` [dpdk-dev] [PATCH 05/10] app/test: add null pointer check of memory allocation Min Hu (Connor)
2022-06-26 17:48 ` Thomas Monjalon
2021-04-19 13:34 ` [dpdk-dev] [PATCH 06/10] lib/librte_pipeline: fix the use of unsafe strcpy Min Hu (Connor)
2021-04-20 9:36 ` Andrew Rybchenko
2023-06-30 18:08 ` Stephen Hemminger [this message]
2023-07-03 10:57 ` Dumitrescu, Cristian
2021-04-19 13:34 ` [dpdk-dev] [PATCH 07/10] examples/l3fwd: add function return value check Min Hu (Connor)
2023-06-30 18:15 ` Stephen Hemminger
2021-04-19 13:34 ` [dpdk-dev] [PATCH 08/10] crypto/virtio: fix return values check error Min Hu (Connor)
2023-06-30 18:14 ` Stephen Hemminger
2021-04-19 13:34 ` [dpdk-dev] [PATCH 09/10] net/e1000: add function return value check Min Hu (Connor)
2021-04-19 13:34 ` [dpdk-dev] [PATCH 10/10] net/bonding: fix configuration assignment overflow Min Hu (Connor)
2023-06-30 18:02 ` Stephen Hemminger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230630110851.491aa2aa@hermes.local \
--to=stephen@networkplumber.org \
--cc=andrew.rybchenko@oktetlabs.ru \
--cc=cristian.dumitrescu@intel.com \
--cc=dev@dpdk.org \
--cc=ferruh.yigit@intel.com \
--cc=g.singh@nxp.com \
--cc=hemant.agrawal@nxp.com \
--cc=humin29@huawei.com \
--cc=jerinj@marvell.com \
--cc=jia.guo@intel.com \
--cc=jianjay.zhou@huawei.com \
--cc=orika@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).