net/softnic: fix possible buffer overflow
authorPallantla Poornima <pallantlax.poornima@intel.com>
Mon, 4 Feb 2019 07:23:48 +0000 (07:23 +0000)
committerFerruh Yigit <ferruh.yigit@intel.com>
Fri, 1 Mar 2019 17:17:36 +0000 (18:17 +0100)
sprintf function is not secure as it doesn't check the length of string.
More secure function snprintf is used.

Fixes: daabf2fb949b ("net/softnic: map flow action to table action")
Cc: stable@dpdk.org
Signed-off-by: Pallantla Poornima <pallantlax.poornima@intel.com>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
drivers/net/softnic/rte_eth_softnic_flow.c

index 21e7530..aefc384 100644 (file)
@@ -1283,7 +1283,8 @@ flow_rule_action_get(struct pmd_internals *softnic,
                                        action,
                                        "QUEUE: Invalid RX queue ID");
 
-                       sprintf(name, "RXQ%u", (uint32_t)conf->index);
+                       snprintf(name, sizeof(name), "RXQ%u",
+                                       (uint32_t)conf->index);
 
                        status = softnic_pipeline_port_out_find(softnic,
                                pipeline->name,
@@ -1373,7 +1374,7 @@ flow_rule_action_get(struct pmd_internals *softnic,
                                                action,
                                                "RSS: Invalid RX queue ID");
 
-                               sprintf(name, "RXQ%u",
+                               snprintf(name, sizeof(name), "RXQ%u",
                                        (uint32_t)conf->queue[i]);
 
                                status = softnic_pipeline_port_out_find(softnic,