> -----Original Message----- > From: dev [mailto:dev-boun...@dpdk.org] On Behalf Of Burakov, Anatoly > Sent: Monday, December 10, 2018 10:43 AM > To: Jakub Grajciar <jgraj...@cisco.com>; dev@dpdk.org > Subject: Re: [dpdk-dev] [RFC v2] /net: memory interface (memif) > > On 10-Dec-18 10:06 AM, Jakub Grajciar wrote: > > Signed-off-by: Jakub Grajciar <jgraj...@cisco.com> > > --- > > As a general comment, some description/cover letter would have been nice. > > > + > > + memif_msg_disconnect_t *d = &e->msg.disconnect; > > + > > + e->msg.type = MEMIF_MSG_TYPE_DISCONNECT; > > + d->code = err_code; > > + > > + if (reason != NULL) { > > + strncpy((char *)d->string, reason, strlen(reason)); > > + if (cc->pmd != NULL) { > > + strncpy(cc->pmd->local_disc_string, reason, > > + strlen(reason)); > > + } > > I haven't looked at the entire thing, this is just something that caught > my eye during quick skimming through code. > > On the face of it, this looks dangerous - you're setting the destination > buffer size from source buffer size. What if `d->string` is shorter than > `reason`? >
And strncpy is dangerous - use strlcpy instead. /Bruce
