[dpdk-stable] [PATCH v2] examples/vhost_scsi: fix buffer not terminated
Maxime Coquelin
maxime.coquelin at redhat.com
Thu Oct 12 13:09:00 CEST 2017
On 10/12/2017 08:44 AM, Jacek Piasecki wrote:
> Use snprintf instead strncpy to get safe null string termination.
> There was possible to get not terminated string after strncpy operation.
>
> Coverity issue: 158631
> Fixes: db75c7af19bb ("examples/vhost_scsi: introduce a new sample app")
> Cc: changpeng.liu at intel.com
> Cc: stable at dpdk.org
>
> Signed-off-by: Jacek Piasecki <jacekx.piasecki at intel.com>
> ---
> v2:
> * use snprintf instead strncpy
>
> examples/vhost_scsi/scsi.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/examples/vhost_scsi/scsi.c b/examples/vhost_scsi/scsi.c
> index 54d3104..c0f3187 100644
> --- a/examples/vhost_scsi/scsi.c
> +++ b/examples/vhost_scsi/scsi.c
> @@ -307,7 +307,8 @@
> strncpy((char *)inqdata->t10_vendor_id, "INTEL", 8);
>
> /* PRODUCT IDENTIFICATION */
> - strncpy((char *)inqdata->product_id, bdev->product_name, 16);
> + snprintf((char *)inqdata->product_id,
> + ARRAY_SIZE(inqdata->product_id), "%s", bdev->product_name);
>
> /* PRODUCT REVISION LEVEL */
> strncpy((char *)inqdata->product_rev, "0001", 4);
>
Acked-by: Maxime Coquelin <maxime.coquelin at redhat.com>
More information about the stable
mailing list