[dpdk-dev] [PATCH v4 07/18] net/nfp/nfpcore: off-by-one and no NUL on strncpy use
Andy Green
andy at warmcat.com
Sat May 12 03:17:38 CEST 2018
On 05/11/2018 06:33 PM, De Lara Guarch, Pablo wrote:
>
>
>> -----Original Message-----
>> From: dev [mailto:dev-bounces at dpdk.org] On Behalf Of Andy Green
>> Sent: Friday, May 11, 2018 2:46 AM
>> To: dev at dpdk.org
>> Subject: [dpdk-dev] [PATCH v4 07/18] net/nfp/nfpcore: off-by-one and no NUL
>> on strncpy use
>>
>> /home/agreen/projects/dpdk/drivers/net/nfp/nfpcore/nfp_resource.c:
>> 76:2:error: ‘strncpy’ output may be truncated copying 8 bytes from a string of
>> length 8 [-Werror=stringop-truncation]
>> strncpy(name_pad, res->name, sizeof(name_pad));
>>
>> Signed-off-by: Andy Green <andy at warmcat.com>
>> ---
>> drivers/net/nfp/nfpcore/nfp_resource.c | 10 ++++++----
>> 1 file changed, 6 insertions(+), 4 deletions(-)
>>
>> diff --git a/drivers/net/nfp/nfpcore/nfp_resource.c
>> b/drivers/net/nfp/nfpcore/nfp_resource.c
>> index e1df2b2e1..dd41fa4de 100644
>> --- a/drivers/net/nfp/nfpcore/nfp_resource.c
>> +++ b/drivers/net/nfp/nfpcore/nfp_resource.c
>
> ...
>
>> - memset(name_pad, 0, NFP_RESOURCE_ENTRY_NAME_SZ);
>> - strncpy(name_pad, res->name, sizeof(name_pad));
>> + memset(name_pad, 0, sizeof(name_pad));
>> + strlcpy(name_pad, res->name, sizeof(name_pad));
>
> I think memset is not required, as strlcpy already null terminate the buffer.
It seems required to keep it, because of the exciting code just below it:
/* Search for a matching entry */
if (!memcmp(name_pad, NFP_RESOURCE_TBL_NAME "\0\0\0\0\0\0\0\0",
8)) {
printf("Grabbing device lock not supported\n");
return -EOPNOTSUPP;
}
-Andy
> ...
>
> Missing fixes line.
>
> Fixes: c7e9729da6b5 ("net/nfp: support CPP")
>
> Acked-by: Pablo de Lara <pablo.de.lara.guarch at intel.com>
>
More information about the dev
mailing list