On 2/23/2022 8:49 AM, Steve Yang wrote:
'recv()' fills the 'buf', later 'strlcpy()' used to copy from this buffer. But as coverity warns 'recv()' doesn't guarantee that 'buf' is null-terminated, but 'strlcpy()' requires it.Enlarge 'buf' size to 'EAL_UEV_MSG_LEN + 1' and ensure the last one can be set to 0 when received buffer size is EAL_UEV_MSG_LEN. CID 375864: Memory - illegal accesses (STRING_NULL) Passing unterminated string "buf" to "dev_uev_parse", which expects a null-terminated string. Coverity issue: 375864 Fixes: 0d0f478d0483 ("eal/linux: add uevent parse and process") Cc: [email protected] Signed-off-by: Steve Yang <[email protected]>
Acked-by: Ferruh Yigit <[email protected]>
