net/softnic: fix possible buffer overflow

sprintf function is not secure as it doesn't check the length of string.
More secure function snprintf is used.

Fixes: daabf2fb949b ("net/softnic: map flow action to table action")
Cc: stable@dpdk.org
Signed-off-by: Pallantla Poornima <pallantlax.poornima@intel.com>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>

diff --git a/drivers/net/softnic/rte_eth_softnic_flow.c b/drivers/net/softnic/rte_eth_softnic_flow.c
index 21e7530..aefc384 100644 (file)
--- a/drivers/net/softnic/rte_eth_softnic_flow.c
+++ b/drivers/net/softnic/rte_eth_softnic_flow.c
@@ -1283,7 +1283,8 @@ flow_rule_action_get(struct pmd_internals *softnic,
                                        action,
                                        "QUEUE: Invalid RX queue ID");
 
-                       sprintf(name, "RXQ%u", (uint32_t)conf->index);
+                       snprintf(name, sizeof(name), "RXQ%u",
+                                       (uint32_t)conf->index);
 
                        status = softnic_pipeline_port_out_find(softnic,
                                pipeline->name,
@@ -1373,7 +1374,7 @@ flow_rule_action_get(struct pmd_internals *softnic,
                                                action,
                                                "RSS: Invalid RX queue ID");
 
-                               sprintf(name, "RXQ%u",
+                               snprintf(name, sizeof(name), "RXQ%u",
                                        (uint32_t)conf->queue[i]);
 
                                status = softnic_pipeline_port_out_find(softnic,