From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <tchaitax@ecsmtp.ir.intel.com>
Received: from mga18.intel.com (mga18.intel.com [134.134.136.126])
 by dpdk.org (Postfix) with ESMTP id 6ED5827D;
 Fri,  8 Mar 2019 13:47:01 +0100 (CET)
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from fmsmga002.fm.intel.com ([10.253.24.26])
 by orsmga106.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;
 08 Mar 2019 04:47:00 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.58,455,1544515200"; d="scan'208";a="149814039"
Received: from irvmail001.ir.intel.com ([163.33.26.43])
 by fmsmga002.fm.intel.com with ESMTP; 08 Mar 2019 04:46:58 -0800
Received: from wgcvswdev001.ir.intel.com (wgcvswdev001.ir.intel.com
 [10.102.246.100])
 by irvmail001.ir.intel.com (8.14.3/8.13.6/MailSET/Hub) with ESMTP id
 x28CkvxS005267; Fri, 8 Mar 2019 12:46:57 GMT
Received: from wgcvswdev001.ir.intel.com (localhost [127.0.0.1])
 by wgcvswdev001.ir.intel.com with ESMTP id x28CkJc0005232;
 Fri, 8 Mar 2019 12:46:19 GMT
Received: (from tchaitax@localhost)
	by wgcvswdev001.ir.intel.com with œ id x28CkJe8005227;
	Fri, 8 Mar 2019 12:46:19 GMT
From: Chaitanya Babu Talluri <tallurix.chaitanya.babu@intel.com>
To: dev@dpdk.org
Cc: reshma.pattan@intel.com, jananeex.m.parthasarathy@intel.com,
 cristian.dumitrescu@intel.com, ferruh.yigit@intel.com,
 bruce.richardson@intel.com,
 Chaitanya Babu Talluri <tallurix.chaitanya.babu@intel.com>, stable@dpdk.org
Date: Fri,  8 Mar 2019 12:45:50 +0000
Message-Id: <1552049150-5046-1-git-send-email-tallurix.chaitanya.babu@intel.com>
X-Mailer: git-send-email 1.7.0.7
In-Reply-To: <1550136631-32415-1-git-send-email-tallurix.chaitanya.babu@intel.com>
References: <1550136631-32415-1-git-send-email-tallurix.chaitanya.babu@intel.com>
Subject: [dpdk-stable] [PATCH v2] lib/cfgfile: replace strcat with strlcat
X-BeenThere: stable@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: patches for DPDK stable branches <stable.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/stable>,
 <mailto:stable-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/stable/>
List-Post: <mailto:stable@dpdk.org>
List-Help: <mailto:stable-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/stable>,
 <mailto:stable-request@dpdk.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Mar 2019 12:47:02 -0000

Replace strcat with strlcat to avoid buffer overflow.

Fixes: a6a47ac9c2 ("cfgfile: rework load function")
Cc: stable@dpdk.org

Signed-off-by: Chaitanya Babu Talluri <tallurix.chaitanya.babu@intel.com>
---
v2: Instead of strcat, used strlcat.
---
 lib/librte_cfgfile/rte_cfgfile.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/librte_cfgfile/rte_cfgfile.c b/lib/librte_cfgfile/rte_cfgfile.c
index 7d8c941ea..3296bb6f8 100644
--- a/lib/librte_cfgfile/rte_cfgfile.c
+++ b/lib/librte_cfgfile/rte_cfgfile.c
@@ -8,6 +8,7 @@
 #include <ctype.h>
 #include <errno.h>
 #include <rte_common.h>
+#include <rte_string_fns.h>
 
 #include "rte_cfgfile.h"
 
@@ -224,10 +225,11 @@ rte_cfgfile_load_with_params(const char *filename, int flags,
 			_strip(split[1], strlen(split[1]));
 			char *end = memchr(split[1], '\\', strlen(split[1]));
 
+			size_t split_len = strlen(split[1]) + 1;
 			while (end != NULL) {
 				if (*(end+1) == params->comment_character) {
 					*end = '\0';
-					strcat(split[1], end+1);
+					strlcat(split[1], end+1, split_len);
 				} else
 					end++;
 				end = memchr(end, '\\', strlen(end));
-- 
2.17.2