From mboxrd@z Thu Jan  1 00:00:00 1970
From: "Parthasarathy, JananeeX M" <jananeex.m.parthasarathy@intel.com>
Subject: Re: [PATCH] test/eventdev: fix sprintf with snprintf
Date: Tue, 12 Mar 2019 07:41:17 +0000
Message-ID: <7AE31235A30B41498D1C31348DC858BD5B54DCD4@IRSMSX103.ger.corp.intel.com>
References: <1549449822-412-1-git-send-email-pallantlax.poornima@intel.com>
 <f7to97mdlld.fsf@dhcp-25.97.bos.redhat.com>
 <7AE31235A30B41498D1C31348DC858BD5B534A73@IRSMSX103.ger.corp.intel.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Cc: "'dev@dpdk.org'" <dev@dpdk.org>, "Pattan, Reshma"
 <reshma.pattan@intel.com>, "Rao, Nikhil" <nikhil.rao@intel.com>,
 "'stable@dpdk.org'" <stable@dpdk.org>, "Poornima, PallantlaX"
 <pallantlax.poornima@intel.com>
To: 'Aaron Conole' <aconole@redhat.com>
Return-path: <dev-bounces@dpdk.org>
In-Reply-To: <7AE31235A30B41498D1C31348DC858BD5B534A73@IRSMSX103.ger.corp.intel.com>
Content-Language: en-US
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

Hi

>-----Original Message-----
>From: Parthasarathy, JananeeX M
>Sent: Tuesday, February 19, 2019 6:33 PM
>To: Aaron Conole <aconole@redhat.com>; Poornima, PallantlaX
><pallantlax.poornima@intel.com>
>Cc: dev@dpdk.org; Pattan, Reshma <reshma.pattan@intel.com>; Rao, Nikhil
><nikhil.rao@intel.com>; stable@dpdk.org
>Subject: RE: [dpdk-dev] [PATCH] test/eventdev: fix sprintf with snprintf
>
>
>
>>-----Original Message-----
>>From: dev [mailto:dev-bounces@dpdk.org] On Behalf Of Aaron Conole
>>Sent: Saturday, February 09, 2019 2:50 AM
>>To: Poornima, PallantlaX <pallantlax.poornima@intel.com>
>>Cc: dev@dpdk.org; Pattan, Reshma <reshma.pattan@intel.com>; Rao, Nikhil
>><nikhil.rao@intel.com>; stable@dpdk.org
>>Subject: Re: [dpdk-dev] [PATCH] test/eventdev: fix sprintf with
>>snprintf
>>
>>Pallantla Poornima <pallantlax.poornima@intel.com> writes:
>>
>>> sprintf function is not secure as it doesn't check the length of string=
.
>>> More secure function snprintf is used.
>>>
>>> Fixes: 2a9c83ae3b ("test/eventdev: add multi-ports test")
>>> Cc: stable@dpdk.org
>>>
>>> Signed-off-by: Pallantla Poornima <pallantlax.poornima@intel.com>
>>> ---
>>>  test/test/test_event_eth_rx_adapter.c | 3 ++-
>>>  1 file changed, 2 insertions(+), 1 deletion(-)
>>>
>>> diff --git a/test/test/test_event_eth_rx_adapter.c
>>> b/test/test/test_event_eth_rx_adapter.c
>>> index 1d3be82b5..38f5c039f 100644
>>> --- a/test/test/test_event_eth_rx_adapter.c
>>> +++ b/test/test/test_event_eth_rx_adapter.c
>>> @@ -479,7 +479,8 @@ adapter_multi_eth_add_del(void)
>>>  	/* add the max port for rx_adapter */
>>>  	port_index =3D rte_eth_dev_count_total();
>>>  	for (; port_index < RTE_MAX_ETHPORTS; port_index +=3D 1) {
>>> -		sprintf(driver_name, "%s%u", "net_null", drv_id);
>>> +		snprintf(driver_name, sizeof(driver_name), "%s%u", "net_null",
>>> +				drv_id);
>>>  		err =3D rte_vdev_init(driver_name, NULL);
>>>  		TEST_ASSERT(err =3D=3D 0, "Failed driver %s got %d",
>>>  		driver_name, err);
>>
>>You call this a fix, but it's not possible for the value of drv_id to
>>exceed '32' and the buffer size is plenty accommodating for that.  Did
>>I miss something?  What is this fixing?
>
>It is better practice to use snprintf although in this case buffer will no=
t overflow
>as size is big enough to accommodate. The changes were done mainly to
>replace sprintf to snprintf. Probably we can remove "fix" line as it is no=
t issue in
>this scenario.
>
>Thanks
>M.P.Jananee

Please suggest if we can remove "fix" line.

Thanks