* [PATCH 1/3] ethdev: remove use of strncpy
2026-06-23 14:19 [PATCH 0/3] lib: remove use of strncpy Bruce Richardson
@ 2026-06-23 14:19 ` Bruce Richardson
2026-06-23 14:19 ` [PATCH 2/3] eventdev: improve bounds checks for names in adapter create Bruce Richardson
` (2 subsequent siblings)
3 siblings, 0 replies; 5+ messages in thread
From: Bruce Richardson @ 2026-06-23 14:19 UTC (permalink / raw)
To: dev
Cc: Bruce Richardson, stable, Thomas Monjalon, Andrew Rybchenko,
Harman Kalra, Ferruh Yigit
The use of strncpy is not generally recommended, so replace it in code
tokenizing the representor list. Since its use in the function is not
involving null-terminated strings (we know that copied block will
not involve a null value in it), we can replace strncpy with memcpy
rather than a string function. This keeps the original intent of the
code.
For extra safety, also add in an explicit bounds check on the length
value before doing the memcpy.
Fixes: 9a9eb104edf6 ("ethdev: parse multiple representor devargs")
Cc: stable@dpdk.org
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
---
lib/ethdev/ethdev_driver.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/lib/ethdev/ethdev_driver.c b/lib/ethdev/ethdev_driver.c
index 70ddce5bfc..4043ce898f 100644
--- a/lib/ethdev/ethdev_driver.c
+++ b/lib/ethdev/ethdev_driver.c
@@ -583,10 +583,15 @@ eth_dev_tokenise_representor_list(char *p_val, struct rte_eth_devargs *eth_devar
return devargs;
}
+ /* len - 2 strips the outer '[' and ']'; guard against underflow and overflow */
+ if (len < 2 || (len - 2) >= BUFSIZ) {
+ RTE_ETHDEV_LOG_LINE(ERR, "Representor list too long or malformed: %s", p_val);
+ return -EINVAL;
+ }
memset(str, 0, BUFSIZ);
memset(da_val, 0, BUFSIZ);
/* Remove the exterior [] of the consolidated list */
- strncpy(str, &p_val[1], len - 2);
+ memcpy(str, &p_val[1], len - 2);
while (1) {
if (str[i] == '\0') {
if (da_val[0] != '\0') {
--
2.53.0
^ permalink raw reply related [flat|nested] 5+ messages in thread* [PATCH 2/3] eventdev: improve bounds checks for names in adapter create
2026-06-23 14:19 [PATCH 0/3] lib: remove use of strncpy Bruce Richardson
2026-06-23 14:19 ` [PATCH 1/3] ethdev: " Bruce Richardson
@ 2026-06-23 14:19 ` Bruce Richardson
2026-06-23 14:19 ` [PATCH 3/3] vhost: remove use of strncpy Bruce Richardson
2026-06-24 1:53 ` [PATCH 0/3] lib: " fengchengwen
3 siblings, 0 replies; 5+ messages in thread
From: Bruce Richardson @ 2026-06-23 14:19 UTC (permalink / raw)
To: dev; +Cc: Bruce Richardson, stable, Naga Harish K S V, Jerin Jacob,
Nikhil Rao
The bounds checks for snprintf and then strncpy used different constant
defines, which happened to resolve to the same value (32). Make this
code more resilient by using sizeof() operator rather than the defines,
and replace use of strncpy with the better strlcpy.
Fixes: a3bbf2e09756 ("eventdev: add eth Tx adapter implementation")
Cc: stable@dpdk.org
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
---
lib/eventdev/rte_event_eth_tx_adapter.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lib/eventdev/rte_event_eth_tx_adapter.c b/lib/eventdev/rte_event_eth_tx_adapter.c
index 91c7be55c7..d531da5d69 100644
--- a/lib/eventdev/rte_event_eth_tx_adapter.c
+++ b/lib/eventdev/rte_event_eth_tx_adapter.c
@@ -748,7 +748,7 @@ txa_service_adapter_create_ext(uint8_t id, struct rte_eventdev *dev,
return -EINVAL;
socket_id = dev->data->socket_id;
- snprintf(mem_name, TXA_MEM_NAME_LEN,
+ snprintf(mem_name, sizeof(mem_name),
"rte_event_eth_txa_%d",
id);
@@ -767,7 +767,7 @@ txa_service_adapter_create_ext(uint8_t id, struct rte_eventdev *dev,
txa->id = id;
txa->eventdev_id = dev->data->dev_id;
txa->socket_id = socket_id;
- strncpy(txa->mem_name, mem_name, TXA_SERVICE_NAME_LEN);
+ strlcpy(txa->mem_name, mem_name, sizeof(txa->mem_name));
txa->conf_cb = conf_cb;
txa->conf_arg = conf_arg;
txa->service_id = TXA_INVALID_SERVICE_ID;
--
2.53.0
^ permalink raw reply related [flat|nested] 5+ messages in thread* [PATCH 3/3] vhost: remove use of strncpy
2026-06-23 14:19 [PATCH 0/3] lib: remove use of strncpy Bruce Richardson
2026-06-23 14:19 ` [PATCH 1/3] ethdev: " Bruce Richardson
2026-06-23 14:19 ` [PATCH 2/3] eventdev: improve bounds checks for names in adapter create Bruce Richardson
@ 2026-06-23 14:19 ` Bruce Richardson
2026-06-24 1:53 ` [PATCH 0/3] lib: " fengchengwen
3 siblings, 0 replies; 5+ messages in thread
From: Bruce Richardson @ 2026-06-23 14:19 UTC (permalink / raw)
To: dev
Cc: Bruce Richardson, stable, Maxime Coquelin, Chenbo Xia,
Yuanhan Liu, David Marchand, Stephen Hemminger
The strlcpy is preferred over use of strncpy, which removes the need to
try and explicitly null-terminate some string buffers. We can also
simplify some name length handling as a result of this, as we no longer
need to use strnlen to clamp the length before calling the set_ifname
function.
Fixes: a277c7159876 ("vhost: refactor code structure")
Fixes: 0adb8eccc6a6 ("vhost: add VDUSE device creation and destruction")
Fixes: c171a2d5ff17 ("vhost: use strlcpy instead of strncpy")
Cc: stable@dpdk.org
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
---
lib/vhost/socket.c | 4 +---
lib/vhost/vduse.c | 2 +-
lib/vhost/vhost.c | 12 +++---------
lib/vhost/vhost.h | 2 +-
4 files changed, 6 insertions(+), 14 deletions(-)
diff --git a/lib/vhost/socket.c b/lib/vhost/socket.c
index 70e582a18d..0943b3e9bb 100644
--- a/lib/vhost/socket.c
+++ b/lib/vhost/socket.c
@@ -207,7 +207,6 @@ static void
vhost_user_add_connection(int fd, struct vhost_user_socket *vsocket)
{
int vid;
- size_t size;
struct vhost_user_connection *conn;
int ret;
struct virtio_net *dev;
@@ -226,8 +225,7 @@ vhost_user_add_connection(int fd, struct vhost_user_socket *vsocket)
goto err;
}
- size = strnlen(vsocket->path, PATH_MAX);
- vhost_set_ifname(vid, vsocket->path, size);
+ vhost_set_ifname(vid, vsocket->path);
vhost_setup_virtio_net(vid, vsocket->use_builtin_virtio_net,
vsocket->net_compliant_ol_flags, vsocket->stats_enabled,
diff --git a/lib/vhost/vduse.c b/lib/vhost/vduse.c
index 0b5d158fee..f8a4a8edcb 100644
--- a/lib/vhost/vduse.c
+++ b/lib/vhost/vduse.c
@@ -796,7 +796,7 @@ vduse_device_create(const char *path, bool compliant_ol_flags, bool extbuf, bool
goto out_dev_destroy;
}
- strncpy(dev->ifname, path, IF_NAME_SZ - 1);
+ strlcpy(dev->ifname, path, sizeof(dev->ifname));
dev->vduse_ctrl_fd = control_fd;
dev->vduse_dev_fd = dev_fd;
diff --git a/lib/vhost/vhost.c b/lib/vhost/vhost.c
index 7e68b2c3be..fde8acb00c 100644
--- a/lib/vhost/vhost.c
+++ b/lib/vhost/vhost.c
@@ -776,20 +776,15 @@ vhost_attach_vdpa_device(int vid, struct rte_vdpa_device *vdpa_dev)
}
void
-vhost_set_ifname(int vid, const char *if_name, unsigned int if_len)
+vhost_set_ifname(int vid, const char *if_name)
{
struct virtio_net *dev;
- unsigned int len;
dev = get_device(vid);
if (dev == NULL)
return;
- len = if_len > sizeof(dev->ifname) ?
- sizeof(dev->ifname) : if_len;
-
- strncpy(dev->ifname, if_name, len);
- dev->ifname[sizeof(dev->ifname) - 1] = '\0';
+ strlcpy(dev->ifname, if_name, sizeof(dev->ifname));
}
void
@@ -915,8 +910,7 @@ rte_vhost_get_ifname(int vid, char *buf, size_t len)
len = RTE_MIN(len, sizeof(dev->ifname));
- strncpy(buf, dev->ifname, len);
- buf[len - 1] = '\0';
+ strlcpy(buf, dev->ifname, len);
return 0;
}
diff --git a/lib/vhost/vhost.h b/lib/vhost/vhost.h
index ee61f7415e..1c957d2929 100644
--- a/lib/vhost/vhost.h
+++ b/lib/vhost/vhost.h
@@ -877,7 +877,7 @@ int alloc_vring_queue(struct virtio_net *dev, uint32_t vring_idx);
void vhost_attach_vdpa_device(int vid, struct rte_vdpa_device *dev);
-void vhost_set_ifname(int, const char *if_name, unsigned int if_len);
+void vhost_set_ifname(int, const char *if_name);
void vhost_setup_virtio_net(int vid, bool enable, bool legacy_ol_flags, bool stats_enabled,
bool support_iommu);
void vhost_enable_extbuf(int vid);
--
2.53.0
^ permalink raw reply related [flat|nested] 5+ messages in thread