Causes static analysis "vulnerability" warnings
Type: fix
Ticket: VPP-1837
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I272fa69251d70f62178e6dff0423c16f99937af1
}
memset (&serveraddr, 0, sizeof (serveraddr));
serveraddr.sun_family = AF_UNIX;
}
memset (&serveraddr, 0, sizeof (serveraddr));
serveraddr.sun_family = AF_UNIX;
- strcpy (serveraddr.sun_path, SOCK_TEST_AF_UNIX_FILENAME);
+ strncpy (serveraddr.sun_path, SOCK_TEST_AF_UNIX_FILENAME,
+ sizeof (serveraddr.sun_path));
rv = connect (fd, (struct sockaddr *) &serveraddr, SUN_LEN (&serveraddr));
if (rv < 0)
{
rv = connect (fd, (struct sockaddr *) &serveraddr, SUN_LEN (&serveraddr));
if (rv < 0)
{
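Review bot: The new `strncpy` into `serveraddr.sun_path` is bounded by the full `sizeof (serveraddr.sun_path)`, so a `SOCK_TEST_AF_UNIX_FILENAME` that fills the field is copied without a terminating NUL, and `SUN_LEN (&serveraddr)` on the next line then measures the path by scanning for one. The `memset` above already zeroes the structure, so bounding the copy to `sizeof (serveraddr.sun_path) - 1` keeps the last byte as the terminator. The same applies to the `ssm->serveraddr.sun_path` copy ahead of `bind`. The macro's value is not visible here, so the current constant may well fit; the enclosing function starts and ends outside the hunk.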
}
scm->af_unix_echo_tx++;
}
scm->af_unix_echo_tx++;
- strcpy ((char *) buffer, SOCK_TEST_MIXED_EPOLL_DATA);
+ strncpy ((char *) buffer, SOCK_TEST_MIXED_EPOLL_DATA, sizeof (buffer));
timeout.tv_sec = 0;
timeout.tv_usec = 250000;
select (0, NULL, NULL, NULL, &timeout); /* delay .25 secs */
timeout.tv_sec = 0;
timeout.tv_usec = 250000;
select (0, NULL, NULL, NULL, &timeout); /* delay .25 secs */
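Review bot: `sizeof (buffer)` in the new `strncpy` is the destination capacity only if `buffer` is declared as an array in this function, and that declaration is outside the hunk. If `buffer` is a pointer, the bound is the pointer width and `SOCK_TEST_MIXED_EPOLL_DATA` is truncated with no terminator. Even with an array, `strncpy` does not terminate on an exact fit, so `snprintf ((char *) buffer, sizeof (buffer), "%s", SOCK_TEST_MIXED_EPOLL_DATA);` with the real capacity would be the safer form.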
optopt, ctrl->txbuf_size);
print_usage_and_exit ();
}
optopt, ctrl->txbuf_size);
print_usage_and_exit ();
}
- strcpy (ctrl->txbuf, optarg);
+ strncpy (ctrl->txbuf, optarg, ctrl->txbuf_size);
ctrl->cfg.test = VCL_TEST_TYPE_ECHO;
break;
ctrl->cfg.test = VCL_TEST_TYPE_ECHO;
break;
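Review bot: `strncpy (ctrl->txbuf, optarg, ctrl->txbuf_size)` leaves `ctrl->txbuf` unterminated when `optarg` is exactly `ctrl->txbuf_size` bytes long, and `optarg` comes from the command line. The length check that ends in `print_usage_and_exit ()` is only partly visible, so this hunk does not show whether it rejects `strlen (optarg) >= ctrl->txbuf_size` or only a strictly larger length. If it is the latter, copy `ctrl->txbuf_size - 1` bytes and set `ctrl->txbuf[ctrl->txbuf_size - 1] = 0;` afterwards. The second `strncpy (ctrl->txbuf, optarg, ctrl->txbuf_size)` hunk further down has the same shape.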
memset (&ssm->serveraddr, 0, sizeof (ssm->serveraddr));
ssm->serveraddr.sun_family = AF_UNIX;
memset (&ssm->serveraddr, 0, sizeof (ssm->serveraddr));
ssm->serveraddr.sun_family = AF_UNIX;
- strcpy (ssm->serveraddr.sun_path, SOCK_TEST_AF_UNIX_FILENAME);
+ strncpy (ssm->serveraddr.sun_path, SOCK_TEST_AF_UNIX_FILENAME,
+ sizeof (ssm->serveraddr.sun_path));
rv = bind (ssm->af_unix_listen_fd, (struct sockaddr *) &ssm->serveraddr,
SUN_LEN (&ssm->serveraddr));
rv = bind (ssm->af_unix_listen_fd, (struct sockaddr *) &ssm->serveraddr,
SUN_LEN (&ssm->serveraddr));
optopt, ctrl->txbuf_size);
print_usage_and_exit ();
}
optopt, ctrl->txbuf_size);
print_usage_and_exit ();
}
- strcpy (ctrl->txbuf, optarg);
+ strncpy (ctrl->txbuf, optarg, ctrl->txbuf_size);
ctrl->cfg.test = VCL_TEST_TYPE_ECHO;
break;
ctrl->cfg.test = VCL_TEST_TYPE_ECHO;
break;
return -1;
/* verify it against strcpy */
return -1;
/* verify it against strcpy */
+ strcpy (dst, src); //NOSONAR
/* This better not fail but check anyhow */
if (strcmp_s (dst, clib_strnlen (dst, sizeof (dst)), src, &indicator) !=
/* This better not fail but check anyhow */
if (strcmp_s (dst, clib_strnlen (dst, sizeof (dst)), src, &indicator) !=
u64 rpath_offset;
} elf_tool_main_t;
u64 rpath_offset;
} elf_tool_main_t;
-static clib_error_t * elf_set_interpreter (elf_main_t * em,
+static clib_error_t * elf_set_interpreter (elf_main_t * em,
elf_tool_main_t * tm)
{
elf_segment_t * g;
elf_tool_main_t * tm)
{
elf_segment_t * g;
break;
/* Note flowthrough */
default:
break;
/* Note flowthrough */
default:
- return clib_error_return (0, "unacceptable file_type");
+ return clib_error_return (0, "unacceptable file_type");
}
vec_foreach (g, em->segments)
}
vec_foreach (g, em->segments)
if (old_len < new_len)
return clib_error_return (0, "rpath of `%s' does not fit (old rpath `%s')",
new_rpath, old_rpath);
if (old_len < new_len)
return clib_error_return (0, "rpath of `%s' does not fit (old rpath `%s')",
new_rpath, old_rpath);
- strcpy (old_rpath, new_rpath);
+ strcpy (old_rpath, new_rpath); //NOSONAR
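Review bot: The `//NOSONAR` marker on `strcpy (old_rpath, new_rpath);` silences the analyzer without recording why the copy is safe. The `old_len < new_len` early return just above is what bounds it, so a comment such as `/* new_len <= old_len was checked above, so new_rpath fits in place */` would keep that dependency visible if the check is ever moved. How `old_len` and `new_len` are computed is outside the hunk, so this assumes both are the string lengths of the two buffers. The `strcpy (dst, src); //NOSONAR` line in the string test would benefit from the same one-line justification.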
- if (!(fd_stat.st_mode & S_IFREG))
+ if (!(fd_stat.st_mode & S_IFREG))
{
error = clib_error_return (0, "%s is not a regular file", tm->input_file);
goto done;
{
error = clib_error_return (0, "%s is not a regular file", tm->input_file);
goto done;
/* COW-mapping, since we intend to write the fixups */
if (fix_in_place)
/* COW-mapping, since we intend to write the fixups */
if (fix_in_place)
- idp = mmap (0, mmap_length, PROT_READ | PROT_WRITE, MAP_SHARED,
+ idp = mmap (0, mmap_length, PROT_READ | PROT_WRITE, MAP_SHARED,
ifd, /* offset */ 0);
else
ifd, /* offset */ 0);
else
- idp = mmap (0, mmap_length, PROT_READ | PROT_WRITE, MAP_PRIVATE,
+ idp = mmap (0, mmap_length, PROT_READ | PROT_WRITE, MAP_PRIVATE,
ifd, /* offset */ 0);
if (~pointer_to_uword (idp) == 0)
{
ifd, /* offset */ 0);
if (~pointer_to_uword (idp) == 0)
{
error = clib_error_return_unix (0, "mmap `%s'", tm->input_file);
goto done;
}
error = clib_error_return_unix (0, "mmap `%s'", tm->input_file);
goto done;
}
if (idp[0] != 0x7f || idp[1] != 'E' || idp[2] != 'L' || idp[3] != 'F')
{
error = clib_error_return (0, "not an ELF file '%s'", tm->input_file);
if (idp[0] != 0x7f || idp[1] != 'E' || idp[2] != 'L' || idp[3] != 'F')
{
error = clib_error_return (0, "not an ELF file '%s'", tm->input_file);
- error = clib_error_return (0, "no fixup markers in %s",
+ error = clib_error_return (0, "no fixup markers in %s",
tm->input_file);
goto done;
}
found_both:
if (0)
tm->input_file);
goto done;
}
found_both:
if (0)
- clib_warning ("offset0 %lld (0x%llx), offset1 %lld (0x%llx)",
+ clib_warning ("offset0 %lld (0x%llx), offset1 %lld (0x%llx)",
offset0, offset0, offset1, offset1);
/* Executable file case */
offset0, offset0, offset1, offset1);
/* Executable file case */
tm->interpreter_offset = offset0;
tm->rpath_offset = offset1;
}
tm->interpreter_offset = offset0;
tm->rpath_offset = offset1;
}
- else /* shared library case */
+ else /* shared library case */
{
tm->interpreter_offset = 0;
tm->rpath_offset = offset0;
}
{
tm->interpreter_offset = 0;
tm->rpath_offset = offset0;
}
if (tm->interpreter_offset)
if (tm->interpreter_offset)
- clib_memcpy (&idp[tm->interpreter_offset], tm->set_interpreter,
+ clib_memcpy (&idp[tm->interpreter_offset], tm->set_interpreter,
strlen (tm->set_interpreter)+1);
if (tm->rpath_offset)
strlen (tm->set_interpreter)+1);
if (tm->rpath_offset)
- clib_memcpy (&idp[tm->rpath_offset], tm->set_rpath,
+ clib_memcpy (&idp[tm->rpath_offset], tm->set_rpath,
strlen (tm->set_rpath)+1);
/* Write the output file... */
strlen (tm->set_rpath)+1);
/* Write the output file... */
*------------------------------------------------------------------
* Copyright (c) 1997-2016 Cisco and/or its affiliates.
* Licensed under the Apache License, Version 2.0 (the "License");
*------------------------------------------------------------------
* Copyright (c) 1997-2016 Cisco and/or its affiliates.
* Licensed under the Apache License, Version 2.0 (the "License");
fprintf (ofp, "/*\n");
fprintf (ofp, " * G2 Version Stamp, %s",
ctime (&now));
fprintf (ofp, " * Automatically generated, hand edits are pointless.\n");
fprintf (ofp, " */\n\n");
fprintf (ofp, "/*\n");
fprintf (ofp, " * G2 Version Stamp, %s",
ctime (&now));
fprintf (ofp, " * Automatically generated, hand edits are pointless.\n");
fprintf (ofp, " */\n\n");
"const char *version_string = \"G2 (%s) major version %s\";\n",
argv[1], argv[2]);
"const char *version_string = \"G2 (%s) major version %s\";\n",
argv[1], argv[2]);
username = (char *) cuserid (0);
username = (char *) cuserid (0);
- strcpy(timestr, ctime(&now));
-
+ strncpy(timestr, ctime(&now), sizeof (timestr));
+
cp = timestr;
while (*cp) {
cp = timestr;
while (*cp) {
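Review bot: `strncpy(timestr, ctime(&now), sizeof (timestr));` does not terminate `timestr` when the source fills it, and the `while (*cp)` loop that follows walks the buffer until it finds a NUL. The declaration of `timestr` is outside the hunk; if it is not larger than the string `ctime` returns, the loop reads past the array. Copying `sizeof (timestr) - 1` bytes and then setting `timestr[sizeof (timestr) - 1] = 0;` closes that. `ctime` can also return NULL, which this call passes straight to `strncpy`.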
fprintf (ofp,
"const char *minor_v_string = \"Built by %s at %s\";\n",
username, timestr);
fprintf (ofp,
"const char *minor_v_string = \"Built by %s at %s\";\n",
username, timestr);
rv = -EFAULT;
break;
case TCP_CONGESTION:
rv = -EFAULT;
break;
case TCP_CONGESTION:
- strcpy (optval, "cubic");
*optlen = strlen ("cubic");
*optlen = strlen ("cubic");
+ strncpy (optval, "cubic", *optlen + 1);
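Review bot: The bound in `strncpy (optval, "cubic", *optlen + 1)` is derived from the source string rather than from the caller's buffer: `*optlen` is overwritten with `strlen ("cubic")` on the line before, so the call always writes six bytes, exactly as the removed `strcpy` did. By `getsockopt` convention the value the caller passed in `*optlen` is the capacity of `optval`, and here it is discarded before it is checked. Reading it first, for example `if (*optlen < sizeof ("cubic"))` followed by an error return or a truncated copy, and only then storing the returned length, would make the bound meaningful. The enclosing `switch` starts outside the hunk, so an earlier size check may exist that is not visible here.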
{
u8 *ns = NULL;
vec_validate (ns, strlen ((const char *) str));
{
u8 *ns = NULL;
vec_validate (ns, strlen ((const char *) str));
- strcpy ((char *) ns, (const char *) str);
+ strncpy ((char *) ns, (const char *) str, vec_len (ns));
vec_add1 (ns, '\0');
vat_json_set_string (json, ns);
}
vec_add1 (ns, '\0');
vat_json_set_string (json, ns);
}