From cde417155fa3dd351c230731ddfc8db3f57db227 Mon Sep 17 00:00:00 2001 From: Pallantla Poornima Date: Tue, 9 Apr 2019 14:05:40 +0100 Subject: [PATCH] app/bbdev: replace sprintf with snprintf or strlcpy sprintf function is not secure as it doesn't check the length of string. More secure function snprintf and strlcpy is used. Fixes: f714a18885 ("app/testbbdev: add test application for bbdev") Cc: stable@dpdk.org Signed-off-by: Pallantla Poornima Acked-by: Amr Mokhtar --- app/test-bbdev/test_bbdev.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/app/test-bbdev/test_bbdev.c b/app/test-bbdev/test_bbdev.c index a914817bc6..137c74cde3 100644 --- a/app/test-bbdev/test_bbdev.c +++ b/app/test-bbdev/test_bbdev.c @@ -14,6 +14,8 @@ #include #include #include +#include +#include #include "main.h" @@ -788,14 +790,14 @@ test_bbdev_driver_init(void) /* Initialize the maximum amount of devices */ do { - sprintf(name_tmp, "%s%i", "name_", num_devs); + snprintf(name_tmp, sizeof(name_tmp), "%s%i", "name_", num_devs); dev2 = rte_bbdev_allocate(name_tmp); TEST_ASSERT(dev2 != NULL, "Failed to initialize bbdev driver"); ++num_devs; } while (num_devs < (RTE_BBDEV_MAX_DEVS - 1)); - sprintf(name_tmp, "%s%i", "name_", num_devs); + snprintf(name_tmp, sizeof(name_tmp), "%s%i", "name_", num_devs); dev2 = rte_bbdev_allocate(name_tmp); TEST_ASSERT(dev2 == NULL, "Failed to initialize bbdev driver number %d " "more drivers than RTE_BBDEV_MAX_DEVS: %d ", num_devs, @@ -804,7 +806,7 @@ test_bbdev_driver_init(void) num_devs--; while (num_devs >= num_devs_tmp) { - sprintf(name_tmp, "%s%i", "name_", num_devs); + snprintf(name_tmp, sizeof(name_tmp), "%s%i", "name_", num_devs); dev2 = rte_bbdev_get_named_dev(name_tmp); TEST_ASSERT_SUCCESS(rte_bbdev_release(dev2), "Failed to uninitialize bbdev driver %s ", @@ -825,7 +827,7 @@ test_bbdev_driver_init(void) TEST_ASSERT_FAIL(rte_bbdev_release(NULL), "Failed to uninitialize bbdev driver with NULL bbdev"); - sprintf(name_tmp, "%s", "invalid_name"); + strlcpy(name_tmp, "invalid_name", sizeof(name_tmp)); dev2 = rte_bbdev_get_named_dev(name_tmp); TEST_ASSERT_FAIL(rte_bbdev_release(dev2), "Failed to uninitialize bbdev driver with invalid name"); -- 2.20.1