From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <stable-bounces@dpdk.org>
Received: from dpdk.org (dpdk.org [92.243.14.124])
	by dpdk.space (Postfix) with ESMTP id F085FA05D3
	for <public@inbox.dpdk.org>; Thu, 25 Apr 2019 17:41:40 +0200 (CEST)
Received: from [92.243.14.124] (localhost [127.0.0.1])
	by dpdk.org (Postfix) with ESMTP id E568A1B5EA;
	Thu, 25 Apr 2019 17:41:40 +0200 (CEST)
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28])
 by dpdk.org (Postfix) with ESMTP id 8B4531B5EC
 for <stable@dpdk.org>; Thu, 25 Apr 2019 17:41:39 +0200 (CEST)
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com
 [10.5.11.14])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mx1.redhat.com (Postfix) with ESMTPS id F24C7308A11D;
 Thu, 25 Apr 2019 15:41:38 +0000 (UTC)
Received: from rh.redhat.com (unknown [10.36.116.255])
 by smtp.corp.redhat.com (Postfix) with ESMTP id 142205D9C6;
 Thu, 25 Apr 2019 15:41:37 +0000 (UTC)
From: Kevin Traynor <ktraynor@redhat.com>
To: Pallantla Poornima <pallantlax.poornima@intel.com>
Cc: Aaron Conole <aconole@redhat.com>,
	dpdk stable <stable@dpdk.org>
Date: Thu, 25 Apr 2019 16:40:09 +0100
Message-Id: <20190425154037.28778-34-ktraynor@redhat.com>
In-Reply-To: <20190425154037.28778-1-ktraynor@redhat.com>
References: <20190425154037.28778-1-ktraynor@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16
 (mx1.redhat.com [10.5.110.44]); Thu, 25 Apr 2019 15:41:39 +0000 (UTC)
Subject: [dpdk-stable] patch 'app/test: fix sprintf with strlcat' has been
	queued to LTS release 18.11.2
X-BeenThere: stable@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: patches for DPDK stable branches <stable.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/stable>,
 <mailto:stable-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/stable/>
List-Post: <mailto:stable@dpdk.org>
List-Help: <mailto:stable-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/stable>,
 <mailto:stable-request@dpdk.org?subject=subscribe>
Errors-To: stable-bounces@dpdk.org
Sender: "stable" <stable-bounces@dpdk.org>

Hi,

FYI, your patch has been queued to LTS release 18.11.2

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 05/01/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Queued patches can be viewed on the 18.11 branch at:
	https://github.com/kevintraynor/dpdk-stable-queue.git

Thanks.

Kevin Traynor

---
>From d6afd41e9e475795a96408ca2cebe8f98b43b157 Mon Sep 17 00:00:00 2001
From: Pallantla Poornima <pallantlax.poornima@intel.com>
Date: Wed, 13 Mar 2019 11:07:23 +0000
Subject: [PATCH] app/test: fix sprintf with strlcat

[ upstream commit 323643727f4c5653d9a1ddc552d95bae2b2c2e5c ]

sprintf function is not secure as it doesn't check the length of string.
More secure function strlcat is used.

Fixes: 727909c592 ("app/test: introduce dynamic commands list")

Signed-off-by: Pallantla Poornima <pallantlax.poornima@intel.com>
Reviewed-by: Aaron Conole <aconole@redhat.com>
---
 test/test/commands.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/test/test/commands.c b/test/test/commands.c
index 94fbc310e..8d5a03a95 100644
--- a/test/test/commands.c
+++ b/test/test/commands.c
@@ -45,4 +45,5 @@
 #include <cmdline_parse_string.h>
 #include <cmdline.h>
+#include <rte_string_fns.h>
 
 #include "test.h"
@@ -366,5 +367,5 @@ int commands_init(void)
 {
 	struct test_command *t;
-	char *commands, *ptr;
+	char *commands;
 	int commands_len = 0;
 
@@ -373,14 +374,13 @@ int commands_init(void)
 	}
 
-	commands = malloc(commands_len + 1);
+	commands = (char *)calloc(commands_len, sizeof(char));
 	if (!commands)
 		return -1;
 
-	ptr = commands;
 	TAILQ_FOREACH(t, &commands_list, next) {
-		ptr += sprintf(ptr, "%s#", t->command);
+		strlcat(commands, t->command, commands_len);
+		if (TAILQ_NEXT(t, next) != NULL)
+			strlcat(commands, "#", commands_len);
 	}
-	ptr--;
-	ptr[0] = '\0';
 
 	cmd_autotest_autotest.string_data.str = commands;
-- 
2.20.1

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-04-25 16:37:48.227801793 +0100
+++ 0034-app-test-fix-sprintf-with-strlcat.patch	2019-04-25 16:37:46.742295018 +0100
@@ -1 +1 @@
-From 323643727f4c5653d9a1ddc552d95bae2b2c2e5c Mon Sep 17 00:00:00 2001
+From d6afd41e9e475795a96408ca2cebe8f98b43b157 Mon Sep 17 00:00:00 2001
@@ -5,0 +6,2 @@
+[ upstream commit 323643727f4c5653d9a1ddc552d95bae2b2c2e5c ]
+
@@ -10 +11,0 @@
-Cc: stable@dpdk.org
@@ -15 +16 @@
- app/test/commands.c | 12 ++++++------
+ test/test/commands.c | 12 ++++++------
@@ -18 +19 @@
-diff --git a/app/test/commands.c b/app/test/commands.c
+diff --git a/test/test/commands.c b/test/test/commands.c
@@ -20,2 +21,2 @@
---- a/app/test/commands.c
-+++ b/app/test/commands.c
+--- a/test/test/commands.c
++++ b/test/test/commands.c