From cde417155fa3dd351c230731ddfc8db3f57db227 Mon Sep 17 00:00:00 2001
From: Pallantla Poornima <pallantlax.poornima@intel.com>
Date: Tue, 9 Apr 2019 14:05:40 +0100
Subject: [PATCH] app/bbdev: replace sprintf with snprintf or strlcpy

sprintf function is not secure as it doesn't check the length of string.
More secure function snprintf and strlcpy is used.

Fixes: f714a18885 ("app/testbbdev: add test application for bbdev")
Cc: stable@dpdk.org

Signed-off-by: Pallantla Poornima <pallantlax.poornima@intel.com>
Acked-by: Amr Mokhtar <amr.mokhtar@intel.com>
---
 app/test-bbdev/test_bbdev.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/app/test-bbdev/test_bbdev.c b/app/test-bbdev/test_bbdev.c
index a914817bc6..137c74cde3 100644
--- a/app/test-bbdev/test_bbdev.c
+++ b/app/test-bbdev/test_bbdev.c
@@ -14,6 +14,8 @@
 #include <rte_bbdev.h>
 #include <rte_bbdev_op.h>
 #include <rte_bbdev_pmd.h>
+#include<string.h>
+#include <rte_string_fns.h>
 
 #include "main.h"
 
@@ -788,14 +790,14 @@ test_bbdev_driver_init(void)
 
 	/* Initialize the maximum amount of devices */
 	do {
-		sprintf(name_tmp, "%s%i", "name_", num_devs);
+		snprintf(name_tmp, sizeof(name_tmp), "%s%i", "name_", num_devs);
 		dev2 = rte_bbdev_allocate(name_tmp);
 		TEST_ASSERT(dev2 != NULL,
 				"Failed to initialize bbdev driver");
 		++num_devs;
 	} while (num_devs < (RTE_BBDEV_MAX_DEVS - 1));
 
-	sprintf(name_tmp, "%s%i", "name_", num_devs);
+	snprintf(name_tmp, sizeof(name_tmp), "%s%i", "name_", num_devs);
 	dev2 = rte_bbdev_allocate(name_tmp);
 	TEST_ASSERT(dev2 == NULL, "Failed to initialize bbdev driver number %d "
 			"more drivers than RTE_BBDEV_MAX_DEVS: %d ", num_devs,
@@ -804,7 +806,7 @@ test_bbdev_driver_init(void)
 	num_devs--;
 
 	while (num_devs >= num_devs_tmp) {
-		sprintf(name_tmp, "%s%i", "name_", num_devs);
+		snprintf(name_tmp, sizeof(name_tmp), "%s%i", "name_", num_devs);
 		dev2 = rte_bbdev_get_named_dev(name_tmp);
 		TEST_ASSERT_SUCCESS(rte_bbdev_release(dev2),
 				"Failed to uninitialize bbdev driver %s ",
@@ -825,7 +827,7 @@ test_bbdev_driver_init(void)
 	TEST_ASSERT_FAIL(rte_bbdev_release(NULL),
 			"Failed to uninitialize bbdev driver with NULL bbdev");
 
-	sprintf(name_tmp, "%s", "invalid_name");
+	strlcpy(name_tmp, "invalid_name", sizeof(name_tmp));
 	dev2 = rte_bbdev_get_named_dev(name_tmp);
 	TEST_ASSERT_FAIL(rte_bbdev_release(dev2),
 			"Failed to uninitialize bbdev driver with invalid name");
-- 
2.20.1