From mboxrd@z Thu Jan 1 00:00:00 1970 From: Thomas Monjalon Subject: Re: [PATCH v2] metrics: fix potential missing NULL termination Date: Wed, 04 Apr 2018 16:09:53 +0200 Message-ID: <13984140.EBaPjM1LZT@xps> References: <20180220160559.1143-1-remy.horton@intel.com> <88c28dcd-3d5e-f88c-4c3a-53cb94b356e7@intel.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7Bit Cc: dev@dpdk.org, Ferruh Yigit , Bruce Richardson To: Remy Horton Return-path: Received: from out5-smtp.messagingengine.com (out5-smtp.messagingengine.com [66.111.4.29]) by dpdk.org (Postfix) with ESMTP id B60931C65D for ; Wed, 4 Apr 2018 16:09:55 +0200 (CEST) In-Reply-To: <88c28dcd-3d5e-f88c-4c3a-53cb94b356e7@intel.com> List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" 22/03/2018 11:33, Ferruh Yigit: > On 2/20/2018 4:05 PM, Remy Horton wrote: > > Fixes a potential memory overrun detected by Coverity. > > This overrun cannot currently happen in practice because > > rte_metrics_reg_names() explicitly forces the last name > > character to be a NULL terminator. This patch adds the > > same enforcement to rte_metrics_get_names() in order to > > correct the warning, as well as using snprintf instead > > of strncpy to copy name strings. > > There is a patch from Bruce to convert snprintf to strlcpy [1], this patch can > be part of that one. > > [1] > https://dpdk.org/dev/patchwork/patch/35976/ > > > > > Coverity issue: 143434 > > Fixes: 349950ddb9c5 ("metrics: add information metrics library") > > Fixes: 710cab6f675a ("metrics: fix out of bound access") > > > > Signed-off-by: Remy Horton Updated to use strlcpy and applied.