[dpdk-dev] [PATCH] l2fwd-crypto: fix coverity defect

Declan Doherty declan.doherty at intel.com
Thu Apr 7 18:00:35 CEST 2016

Previous message: [dpdk-dev] [PATCH] l2fwd-crypto: fix coverity defect
Next message: [dpdk-dev] [PATCH] l2fwd-crypto: fix coverity defect
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 07/04/16 14:23, Pablo de Lara wrote:
> When parsing crypto device type, the string was being copied
> with strcpy(), which could overflow the destination buffer
> (which is 32 byte long), so snprintf() should be used instead.
>
> This fixes coverity issue 124575:
>
> /examples/l2fwd-crypto/main.c: 1005 in l2fwd_crypto_parse_args_long_options()
> *** CID 124575:    (STRING_OVERFLOW)
> 999
> 1000     	/* Authentication options */
> 1001     	else if (strcmp(lgopts[option_index].name, "auth_algo") == 0) {
> 1002     		retval = parse_auth_algo(&options->auth_xform.auth.algo,
> 1003     				optarg);
> 1004     		if (retval == 0)
>>>>      CID 124575:    (STRING_OVERFLOW)
>>>>      You might overrun the 32 byte fixed-size string "options->string_auth_algo" by copying "optarg" without checking the length.
> 1005     			strcpy(options->string_auth_algo, optarg);
> 1006     		return retval;
> 1007     	}
>
> Fixes: commit 49f79e86480d ("examples/l2fwd-crypto: add missing string initialization")
>
> Signed-off-by: Pablo de Lara <pablo.de.lara.guarch at intel.com>
> ---
...
>
Acked-by: Declan Doherty <declan.doherty at intel.com>

Previous message: [dpdk-dev] [PATCH] l2fwd-crypto: fix coverity defect
Next message: [dpdk-dev] [PATCH] l2fwd-crypto: fix coverity defect
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list