Replace strcat with concatenation logic to avoid buffer overflow. Fixes: a6a47ac9c2 ("cfgfile: rework load function") Cc: sta...@dpdk.org
Signed-off-by: Chaitanya Babu Talluri <tallurix.chaitanya.b...@intel.com> --- lib/librte_cfgfile/rte_cfgfile.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/lib/librte_cfgfile/rte_cfgfile.c b/lib/librte_cfgfile/rte_cfgfile.c index 7d8c941ea..7616742f7 100644 --- a/lib/librte_cfgfile/rte_cfgfile.c +++ b/lib/librte_cfgfile/rte_cfgfile.c @@ -227,7 +227,15 @@ rte_cfgfile_load_with_params(const char *filename, int flags, while (end != NULL) { if (*(end+1) == params->comment_character) { *end = '\0'; - strcat(split[1], end+1); + int index = strlen(split[1]); + char *temp = end+1; + while (*temp != '\0') { + split[1][index] = *temp; + index++; + temp++; + } + split[1][index] = '\0'; + } else end++; end = memchr(end, '\\', strlen(end)); -- 2.17.2