From faf8c3095ac649f3d893ee846e2aa7cf1b4ccf4d Mon Sep 17 00:00:00 2001 From: Chaitanya Babu Talluri Date: Fri, 22 Mar 2019 07:51:42 +0000 Subject: [PATCH] drivers/net: fix possible overflow using strlcat strcat does not check the destination length and there might be chances of string overflow so instead of strcat, strlcat is used. Fixes: 540a211084a7 ("bnx2x: driver core") Fixes: e163c18a15b0 ("net/i40e: update ptype and pctype info") Cc: stable@dpdk.org Signed-off-by: Chaitanya Babu Talluri Reviewed-by: Ferruh Yigit Acked-by: Shahed Shaikh --- drivers/net/bnx2x/bnx2x.c | 5 +++-- drivers/net/i40e/i40e_ethdev.c | 4 ++-- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/drivers/net/bnx2x/bnx2x.c b/drivers/net/bnx2x/bnx2x.c index 26b3828e89..ab092e23f0 100644 --- a/drivers/net/bnx2x/bnx2x.c +++ b/drivers/net/bnx2x/bnx2x.c @@ -25,6 +25,7 @@ #include #include #include +#include #define BNX2X_PMD_VER_PREFIX "BNX2X PMD" #define BNX2X_PMD_VERSION_MAJOR 1 @@ -11741,13 +11742,13 @@ static const char *get_bnx2x_flags(uint32_t flags) for (i = 0; i < 5; i++) if (flags & (1 << i)) { - strcat(flag_str, flag[i]); + strlcat(flag_str, flag[i], sizeof(flag_str)); flags ^= (1 << i); } if (flags) { static char unknown[BNX2X_INFO_STR_MAX]; snprintf(unknown, 32, "Unknown flag mask %x", flags); - strcat(flag_str, unknown); + strlcat(flag_str, unknown, sizeof(flag_str)); } return flag_str; } diff --git a/drivers/net/i40e/i40e_ethdev.c b/drivers/net/i40e/i40e_ethdev.c index 8191a6a736..63ec8136d1 100644 --- a/drivers/net/i40e/i40e_ethdev.c +++ b/drivers/net/i40e/i40e_ethdev.c @@ -12202,8 +12202,8 @@ i40e_update_customized_pctype(struct rte_eth_dev *dev, uint8_t *pkg, for (n = 0; n < proto_num; n++) { if (proto[n].proto_id != proto_id) continue; - strcat(name, proto[n].name); - strcat(name, "_"); + strlcat(name, proto[n].name, sizeof(name)); + strlcat(name, "_", sizeof(name)); break; } } -- 2.20.1