On Tue, Dec 16, 2014 at 11:13 AM, Ola Liljedahl <ola.liljed...@linaro.org> wrote: > On 15 December 2014 at 23:20, Maxim Uvarov <maxim.uva...@linaro.org> wrote: >> On 12/16/2014 12:35 AM, Mike Holmes wrote: >>> >>> Termination of the string is not assured unless the string is >>> one char shorter than the buffer. >>> >>> Fixes coverity 83058 >>> >>> Signed-off-by: Mike Holmes <mike.hol...@linaro.org> >>> --- >>> platform/linux-generic/odp_packet_io.c | 2 +- >>> 1 file changed, 1 insertion(+), 1 deletion(-) >>> >>> diff --git a/platform/linux-generic/odp_packet_io.c >>> b/platform/linux-generic/odp_packet_io.c >>> index a03eeb1..7694236 100644 >>> --- a/platform/linux-generic/odp_packet_io.c >>> +++ b/platform/linux-generic/odp_packet_io.c >>> @@ -247,7 +247,7 @@ odp_pktio_t odp_pktio_open(const char *dev, >>> odp_buffer_pool_t pool) >>> return ODP_PKTIO_INVALID; >>> done: >>> - strncpy(pktio_entry->s.name, dev, IFNAMSIZ); >>> + strncpy(pktio_entry->s.name, dev, IFNAMSIZ - 1); >>> unlock_entry_classifier(pktio_entry); >>> return id; >>> } >> >> This bug will never happen due to check for length of dev at the top of >> function. > Such spread out (and undocumented?) dependencies are not good. This > could break because of some future change. > >> But fix will be ok to turn off coverity warning. > I think that all such sprintf(buf) + buf[len-1]=0 expressions at least > should be kept on the same line so that you can grep for sprintf > (which is a known problematic function) and then directly see that the > code does the right thing. This would possibly bring the line length > above 80 but verifiable correctness is more important than some > arbitrary line length.
Why not use snprintf(pktio_entry->s.name, IFNAMSIZ, "%s", dev) instead? It writes at most size bytes, including the null terminator. > > >> >> Maxim. >> >> >> _______________________________________________ >> lng-odp mailing list >> lng-odp@lists.linaro.org >> http://lists.linaro.org/mailman/listinfo/lng-odp > > _______________________________________________ > lng-odp mailing list > lng-odp@lists.linaro.org > http://lists.linaro.org/mailman/listinfo/lng-odp _______________________________________________ lng-odp mailing list lng-odp@lists.linaro.org http://lists.linaro.org/mailman/listinfo/lng-odp
