* [PATCH] examples: use strlcpy and strlcat
@ 2026-06-23 15:41 Bruce Richardson
0 siblings, 0 replies; only message in thread
From: Bruce Richardson @ 2026-06-23 15:41 UTC (permalink / raw)
To: dev
Cc: Bruce Richardson, stable, Cristian Dumitrescu, Radu Nicolau,
Akhil Goyal, Fan Zhang, Anatoly Burakov, Sivaprasad Tummala,
Jasvinder Singh, Sergio Gonzalez Monroy, Ferruh Yigit,
Pablo de Lara, Declan Doherty, Alan Carew
Replace strncpy and other unbounded string functions, e.g. strcpy,
strcat, with the safer alternatives strlcpy and strlcat, so that we can
guarantee null termination of strings.
Fixes: 4bbf8e30aa5e ("examples/ip_pipeline: add CLI interface")
Fixes: 5f657a7fbe86 ("examples/pipeline: add message passing mechanism")
Fixes: 83f58a7b7b0a ("examples/pipeline: add commands for direct registers")
Fixes: 0d547ed03717 ("examples/ipsec-secgw: support configuration file")
Fixes: 63e8c07c7245 ("examples/ipsec-secgw: fix configuration parsing")
Fixes: 41e97c2ea9e6 ("examples/l2fwd-crypto: extend crypto information")
Fixes: e8ae9b662506 ("examples/vm_power: channel manager and monitor in host")
Cc: stable@dpdk.org
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
---
examples/ip_pipeline/conn.c | 4 ++--
examples/ipsec-secgw/sa.c | 4 ++--
examples/l2fwd-crypto/main.c | 12 ++++++------
examples/pipeline/cli.c | 4 ++--
examples/pipeline/conn.c | 4 ++--
examples/vm_power_manager/channel_manager.c | 3 +--
6 files changed, 15 insertions(+), 16 deletions(-)
diff --git a/examples/ip_pipeline/conn.c b/examples/ip_pipeline/conn.c
index 30fca80c14..9f347fd1c2 100644
--- a/examples/ip_pipeline/conn.c
+++ b/examples/ip_pipeline/conn.c
@@ -115,8 +115,8 @@ conn_init(struct conn_params *p)
}
/* Fill in */
- strncpy(conn->welcome, p->welcome, CONN_WELCOME_LEN_MAX);
- strncpy(conn->prompt, p->prompt, CONN_PROMPT_LEN_MAX);
+ strlcpy(conn->welcome, p->welcome, CONN_WELCOME_LEN_MAX + 1);
+ strlcpy(conn->prompt, p->prompt, CONN_PROMPT_LEN_MAX + 1);
conn->buf_size = p->buf_size;
conn->msg_in_len_max = p->msg_in_len_max;
conn->msg_out_len_max = p->msg_out_len_max;
diff --git a/examples/ipsec-secgw/sa.c b/examples/ipsec-secgw/sa.c
index 866ba04b86..b5068765b6 100644
--- a/examples/ipsec-secgw/sa.c
+++ b/examples/ipsec-secgw/sa.c
@@ -338,12 +338,12 @@ parse_key_string(const char *key_str, uint8_t *key)
if (pt_end == NULL) {
if (strlen(pt_start) > 2)
return 0;
- strncpy(sub_str, pt_start, 2);
+ memcpy(sub_str, pt_start, 2);
} else {
if (pt_end - pt_start > 2)
return 0;
- strncpy(sub_str, pt_start, pt_end - pt_start);
+ memcpy(sub_str, pt_start, pt_end - pt_start);
pt_start = pt_end + 1;
}
diff --git a/examples/l2fwd-crypto/main.c b/examples/l2fwd-crypto/main.c
index ff189b5fab..22ad825c91 100644
--- a/examples/l2fwd-crypto/main.c
+++ b/examples/l2fwd-crypto/main.c
@@ -1576,19 +1576,19 @@ l2fwd_crypto_options_print(struct l2fwd_crypto_options *options)
char string_aead_op[MAX_STR_LEN];
if (options->cipher_xform.cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT)
- strcpy(string_cipher_op, "Encrypt");
+ strlcpy(string_cipher_op, "Encrypt", sizeof(string_cipher_op));
else
- strcpy(string_cipher_op, "Decrypt");
+ strlcpy(string_cipher_op, "Decrypt", sizeof(string_cipher_op));
if (options->auth_xform.auth.op == RTE_CRYPTO_AUTH_OP_GENERATE)
- strcpy(string_auth_op, "Auth generate");
+ strlcpy(string_auth_op, "Auth generate", sizeof(string_auth_op));
else
- strcpy(string_auth_op, "Auth verify");
+ strlcpy(string_auth_op, "Auth verify", sizeof(string_auth_op));
if (options->aead_xform.aead.op == RTE_CRYPTO_AEAD_OP_ENCRYPT)
- strcpy(string_aead_op, "Authenticated encryption");
+ strlcpy(string_aead_op, "Authenticated encryption", sizeof(string_aead_op));
else
- strcpy(string_aead_op, "Authenticated decryption");
+ strlcpy(string_aead_op, "Authenticated decryption", sizeof(string_aead_op));
printf("Options:-\nn");
diff --git a/examples/pipeline/cli.c b/examples/pipeline/cli.c
index 215b4061d5..901706fab9 100644
--- a/examples/pipeline/cli.c
+++ b/examples/pipeline/cli.c
@@ -172,9 +172,9 @@ parse_table_entry(struct rte_swx_ctl_pipeline *p,
line[0] = 0;
for (i = 0; i < n_tokens; i++) {
if (i)
- strcat(line, " ");
+ strlcat(line, " ", MAX_LINE_SIZE);
- strcat(line, tokens[i]);
+ strlcat(line, tokens[i], MAX_LINE_SIZE);
}
/* Read the table entry from the input buffer. */
diff --git a/examples/pipeline/conn.c b/examples/pipeline/conn.c
index e168c4ddaa..257f3c9f78 100644
--- a/examples/pipeline/conn.c
+++ b/examples/pipeline/conn.c
@@ -116,8 +116,8 @@ conn_init(struct conn_params *p)
}
/* Fill in */
- strncpy(conn->welcome, p->welcome, CONN_WELCOME_LEN_MAX);
- strncpy(conn->prompt, p->prompt, CONN_PROMPT_LEN_MAX);
+ strlcpy(conn->welcome, p->welcome, CONN_WELCOME_LEN_MAX + 1);
+ strlcpy(conn->prompt, p->prompt, CONN_PROMPT_LEN_MAX + 1);
conn->buf_size = p->buf_size;
conn->msg_in_len_max = p->msg_in_len_max;
conn->msg_out_len_max = p->msg_out_len_max;
diff --git a/examples/vm_power_manager/channel_manager.c b/examples/vm_power_manager/channel_manager.c
index b69449c61d..339c7fbb93 100644
--- a/examples/vm_power_manager/channel_manager.c
+++ b/examples/vm_power_manager/channel_manager.c
@@ -875,8 +875,7 @@ add_vm(const char *vm_name)
rte_free(new_domain);
return -1;
}
- strncpy(new_domain->name, vm_name, sizeof(new_domain->name));
- new_domain->name[sizeof(new_domain->name) - 1] = '\0';
+ strlcpy(new_domain->name, vm_name, sizeof(new_domain->name));
memset(new_domain->channel_mask, 0, RTE_MAX_LCORE);
new_domain->num_channels = 0;
--
2.53.0
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2026-06-23 15:41 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-06-23 15:41 [PATCH] examples: use strlcpy and strlcat Bruce Richardson
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox