From 323643727f4c5653d9a1ddc552d95bae2b2c2e5c Mon Sep 17 00:00:00 2001 From: Pallantla Poornima Date: Wed, 13 Mar 2019 11:07:23 +0000 Subject: [PATCH] app/test: fix sprintf with strlcat sprintf function is not secure as it doesn't check the length of string. More secure function strlcat is used. Fixes: 727909c592 ("app/test: introduce dynamic commands list") Cc: stable@dpdk.org Signed-off-by: Pallantla Poornima Reviewed-by: Aaron Conole --- app/test/commands.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/app/test/commands.c b/app/test/commands.c index 94fbc310ed..8d5a03a954 100644 --- a/app/test/commands.c +++ b/app/test/commands.c @@ -44,6 +44,7 @@ #include #include #include +#include #include "test.h" @@ -365,23 +366,22 @@ cmdline_parse_ctx_t main_ctx[] = { int commands_init(void) { struct test_command *t; - char *commands, *ptr; + char *commands; int commands_len = 0; TAILQ_FOREACH(t, &commands_list, next) { commands_len += strlen(t->command) + 1; } - commands = malloc(commands_len + 1); + commands = (char *)calloc(commands_len, sizeof(char)); if (!commands) return -1; - ptr = commands; TAILQ_FOREACH(t, &commands_list, next) { - ptr += sprintf(ptr, "%s#", t->command); + strlcat(commands, t->command, commands_len); + if (TAILQ_NEXT(t, next) != NULL) + strlcat(commands, "#", commands_len); } - ptr--; - ptr[0] = '\0'; cmd_autotest_autotest.string_data.str = commands; return 0; -- 2.20.1