From fef6b216390f33c066ea15e9de7845dfc3ab6d6a Mon Sep 17 00:00:00 2001 From: Pallantla Poornima Date: Mon, 4 Feb 2019 07:23:48 +0000 Subject: [PATCH] net/softnic: fix possible buffer overflow sprintf function is not secure as it doesn't check the length of string. More secure function snprintf is used. Fixes: daabf2fb949b ("net/softnic: map flow action to table action") Cc: stable@dpdk.org Signed-off-by: Pallantla Poornima Reviewed-by: Ferruh Yigit --- drivers/net/softnic/rte_eth_softnic_flow.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/drivers/net/softnic/rte_eth_softnic_flow.c b/drivers/net/softnic/rte_eth_softnic_flow.c index 21e7530014..aefc384dc2 100644 --- a/drivers/net/softnic/rte_eth_softnic_flow.c +++ b/drivers/net/softnic/rte_eth_softnic_flow.c @@ -1283,7 +1283,8 @@ flow_rule_action_get(struct pmd_internals *softnic, action, "QUEUE: Invalid RX queue ID"); - sprintf(name, "RXQ%u", (uint32_t)conf->index); + snprintf(name, sizeof(name), "RXQ%u", + (uint32_t)conf->index); status = softnic_pipeline_port_out_find(softnic, pipeline->name, @@ -1373,7 +1374,7 @@ flow_rule_action_get(struct pmd_internals *softnic, action, "RSS: Invalid RX queue ID"); - sprintf(name, "RXQ%u", + snprintf(name, sizeof(name), "RXQ%u", (uint32_t)conf->queue[i]); status = softnic_pipeline_port_out_find(softnic, -- 2.20.1