From: Bruce Richardson <bruce.richardson@intel.com>
To: dev@dpdk.org
Cc: Bruce Richardson <bruce.richardson@intel.com>,
stable@dpdk.org,
Cristian Dumitrescu <cristian.dumitrescu@intel.com>,
Radu Nicolau <radu.nicolau@intel.com>,
Akhil Goyal <gakhil@marvell.com>,
Fan Zhang <fanzhang.oss@gmail.com>,
Anatoly Burakov <anatoly.burakov@intel.com>,
Sivaprasad Tummala <sivaprasad.tummala@amd.com>,
Jasvinder Singh <jasvinder.singh@intel.com>,
Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>,
Ferruh Yigit <ferruh.yigit@amd.com>,
Pablo de Lara <pablo.de.lara.guarch@intel.com>,
Declan Doherty <declan.doherty@intel.com>,
Alan Carew <alan.carew@intel.com>
Subject: [PATCH] examples: use strlcpy and strlcat
Date: Tue, 23 Jun 2026 16:41:08 +0100 [thread overview]
Message-ID: <20260623154109.722441-1-bruce.richardson@intel.com> (raw)
Replace strncpy and other unbounded string functions, e.g. strcpy,
strcat, with the safer alternatives strlcpy and strlcat, so that we can
guarantee null termination of strings.
Fixes: 4bbf8e30aa5e ("examples/ip_pipeline: add CLI interface")
Fixes: 5f657a7fbe86 ("examples/pipeline: add message passing mechanism")
Fixes: 83f58a7b7b0a ("examples/pipeline: add commands for direct registers")
Fixes: 0d547ed03717 ("examples/ipsec-secgw: support configuration file")
Fixes: 63e8c07c7245 ("examples/ipsec-secgw: fix configuration parsing")
Fixes: 41e97c2ea9e6 ("examples/l2fwd-crypto: extend crypto information")
Fixes: e8ae9b662506 ("examples/vm_power: channel manager and monitor in host")
Cc: stable@dpdk.org
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
---
examples/ip_pipeline/conn.c | 4 ++--
examples/ipsec-secgw/sa.c | 4 ++--
examples/l2fwd-crypto/main.c | 12 ++++++------
examples/pipeline/cli.c | 4 ++--
examples/pipeline/conn.c | 4 ++--
examples/vm_power_manager/channel_manager.c | 3 +--
6 files changed, 15 insertions(+), 16 deletions(-)
diff --git a/examples/ip_pipeline/conn.c b/examples/ip_pipeline/conn.c
index 30fca80c14..9f347fd1c2 100644
--- a/examples/ip_pipeline/conn.c
+++ b/examples/ip_pipeline/conn.c
@@ -115,8 +115,8 @@ conn_init(struct conn_params *p)
}
/* Fill in */
- strncpy(conn->welcome, p->welcome, CONN_WELCOME_LEN_MAX);
- strncpy(conn->prompt, p->prompt, CONN_PROMPT_LEN_MAX);
+ strlcpy(conn->welcome, p->welcome, CONN_WELCOME_LEN_MAX + 1);
+ strlcpy(conn->prompt, p->prompt, CONN_PROMPT_LEN_MAX + 1);
conn->buf_size = p->buf_size;
conn->msg_in_len_max = p->msg_in_len_max;
conn->msg_out_len_max = p->msg_out_len_max;
diff --git a/examples/ipsec-secgw/sa.c b/examples/ipsec-secgw/sa.c
index 866ba04b86..b5068765b6 100644
--- a/examples/ipsec-secgw/sa.c
+++ b/examples/ipsec-secgw/sa.c
@@ -338,12 +338,12 @@ parse_key_string(const char *key_str, uint8_t *key)
if (pt_end == NULL) {
if (strlen(pt_start) > 2)
return 0;
- strncpy(sub_str, pt_start, 2);
+ memcpy(sub_str, pt_start, 2);
} else {
if (pt_end - pt_start > 2)
return 0;
- strncpy(sub_str, pt_start, pt_end - pt_start);
+ memcpy(sub_str, pt_start, pt_end - pt_start);
pt_start = pt_end + 1;
}
diff --git a/examples/l2fwd-crypto/main.c b/examples/l2fwd-crypto/main.c
index ff189b5fab..22ad825c91 100644
--- a/examples/l2fwd-crypto/main.c
+++ b/examples/l2fwd-crypto/main.c
@@ -1576,19 +1576,19 @@ l2fwd_crypto_options_print(struct l2fwd_crypto_options *options)
char string_aead_op[MAX_STR_LEN];
if (options->cipher_xform.cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT)
- strcpy(string_cipher_op, "Encrypt");
+ strlcpy(string_cipher_op, "Encrypt", sizeof(string_cipher_op));
else
- strcpy(string_cipher_op, "Decrypt");
+ strlcpy(string_cipher_op, "Decrypt", sizeof(string_cipher_op));
if (options->auth_xform.auth.op == RTE_CRYPTO_AUTH_OP_GENERATE)
- strcpy(string_auth_op, "Auth generate");
+ strlcpy(string_auth_op, "Auth generate", sizeof(string_auth_op));
else
- strcpy(string_auth_op, "Auth verify");
+ strlcpy(string_auth_op, "Auth verify", sizeof(string_auth_op));
if (options->aead_xform.aead.op == RTE_CRYPTO_AEAD_OP_ENCRYPT)
- strcpy(string_aead_op, "Authenticated encryption");
+ strlcpy(string_aead_op, "Authenticated encryption", sizeof(string_aead_op));
else
- strcpy(string_aead_op, "Authenticated decryption");
+ strlcpy(string_aead_op, "Authenticated decryption", sizeof(string_aead_op));
printf("Options:-\nn");
diff --git a/examples/pipeline/cli.c b/examples/pipeline/cli.c
index 215b4061d5..901706fab9 100644
--- a/examples/pipeline/cli.c
+++ b/examples/pipeline/cli.c
@@ -172,9 +172,9 @@ parse_table_entry(struct rte_swx_ctl_pipeline *p,
line[0] = 0;
for (i = 0; i < n_tokens; i++) {
if (i)
- strcat(line, " ");
+ strlcat(line, " ", MAX_LINE_SIZE);
- strcat(line, tokens[i]);
+ strlcat(line, tokens[i], MAX_LINE_SIZE);
}
/* Read the table entry from the input buffer. */
diff --git a/examples/pipeline/conn.c b/examples/pipeline/conn.c
index e168c4ddaa..257f3c9f78 100644
--- a/examples/pipeline/conn.c
+++ b/examples/pipeline/conn.c
@@ -116,8 +116,8 @@ conn_init(struct conn_params *p)
}
/* Fill in */
- strncpy(conn->welcome, p->welcome, CONN_WELCOME_LEN_MAX);
- strncpy(conn->prompt, p->prompt, CONN_PROMPT_LEN_MAX);
+ strlcpy(conn->welcome, p->welcome, CONN_WELCOME_LEN_MAX + 1);
+ strlcpy(conn->prompt, p->prompt, CONN_PROMPT_LEN_MAX + 1);
conn->buf_size = p->buf_size;
conn->msg_in_len_max = p->msg_in_len_max;
conn->msg_out_len_max = p->msg_out_len_max;
diff --git a/examples/vm_power_manager/channel_manager.c b/examples/vm_power_manager/channel_manager.c
index b69449c61d..339c7fbb93 100644
--- a/examples/vm_power_manager/channel_manager.c
+++ b/examples/vm_power_manager/channel_manager.c
@@ -875,8 +875,7 @@ add_vm(const char *vm_name)
rte_free(new_domain);
return -1;
}
- strncpy(new_domain->name, vm_name, sizeof(new_domain->name));
- new_domain->name[sizeof(new_domain->name) - 1] = '\0';
+ strlcpy(new_domain->name, vm_name, sizeof(new_domain->name));
memset(new_domain->channel_mask, 0, RTE_MAX_LCORE);
new_domain->num_channels = 0;
--
2.53.0
reply other threads:[~2026-06-23 15:41 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260623154109.722441-1-bruce.richardson@intel.com \
--to=bruce.richardson@intel.com \
--cc=alan.carew@intel.com \
--cc=anatoly.burakov@intel.com \
--cc=cristian.dumitrescu@intel.com \
--cc=declan.doherty@intel.com \
--cc=dev@dpdk.org \
--cc=fanzhang.oss@gmail.com \
--cc=ferruh.yigit@amd.com \
--cc=gakhil@marvell.com \
--cc=jasvinder.singh@intel.com \
--cc=pablo.de.lara.guarch@intel.com \
--cc=radu.nicolau@intel.com \
--cc=sergio.gonzalez.monroy@intel.com \
--cc=sivaprasad.tummala@amd.com \
--cc=stable@dpdk.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox