From mboxrd@z Thu Jan 1 00:00:00 1970 From: Declan Doherty Subject: Re: [PATCH] l2fwd-crypto: fix coverity defect Date: Thu, 7 Apr 2016 17:00:35 +0100 Message-ID: <57068423.4050007@intel.com> References: <1460035389-49395-1-git-send-email-pablo.de.lara.guarch@intel.com> Mime-Version: 1.0 Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit To: Pablo de Lara , dev@dpdk.org Return-path: Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by dpdk.org (Postfix) with ESMTP id 27B0D2BD9 for ; Thu, 7 Apr 2016 18:06:14 +0200 (CEST) In-Reply-To: <1460035389-49395-1-git-send-email-pablo.de.lara.guarch@intel.com> List-Id: patches and discussions about DPDK List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" On 07/04/16 14:23, Pablo de Lara wrote: > When parsing crypto device type, the string was being copied > with strcpy(), which could overflow the destination buffer > (which is 32 byte long), so snprintf() should be used instead. > > This fixes coverity issue 124575: > > /examples/l2fwd-crypto/main.c: 1005 in l2fwd_crypto_parse_args_long_options() > *** CID 124575: (STRING_OVERFLOW) > 999 > 1000 /* Authentication options */ > 1001 else if (strcmp(lgopts[option_index].name, "auth_algo") == 0) { > 1002 retval = parse_auth_algo(&options->auth_xform.auth.algo, > 1003 optarg); > 1004 if (retval == 0) >>>> CID 124575: (STRING_OVERFLOW) >>>> You might overrun the 32 byte fixed-size string "options->string_auth_algo" by copying "optarg" without checking the length. > 1005 strcpy(options->string_auth_algo, optarg); > 1006 return retval; > 1007 } > > Fixes: commit 49f79e86480d ("examples/l2fwd-crypto: add missing string initialization") > > Signed-off-by: Pablo de Lara > --- ... > Acked-by: Declan Doherty