From: Tianyu Li <tianyu.li@arm.com>
Date: Mon, 6 Dec 2021 05:15:59 +0000 (+0800)
Subject: misc: vppctl fix heap-buffer-overflow & memleaks
X-Git-Tag: v22.06-rc0~126
X-Git-Url: https://gerrit.fd.io/r/gitweb?a=commitdiff_plain;h=refs%2Fchanges%2F16%2F34716%2F2;p=vpp.git

misc: vppctl fix heap-buffer-overflow & memleaks

1. Malloc may return not zero buffer, causing strncat buffer overflow
2. Malloc buffer not freed

Type: fix
Fixes: 31f192434660 ("misc: vppctl - remove the dependency on vppinfra")
Signed-off-by: Tianyu Li <tianyu.li@arm.com>
Change-Id: I5aebaccf3d0f8b7e3617068267f62cc2aa39d827
---

diff --git a/src/vpp/app/vppctl.c b/src/vpp/app/vppctl.c
index 8fe493d3f2a..becab52d08b 100644
--- a/src/vpp/app/vppctl.c
+++ b/src/vpp/app/vppctl.c
@@ -215,6 +215,13 @@ main (int argc, char *argv[])
     {
       cmd_len++; // account for \n in the end
       cmd = malloc (cmd_len);
+      if (!cmd)
+	{
+	  error = errno;
+	  perror ("malloc failed");
+	  goto done;
+	}
+      memset (cmd, 0, cmd_len);
       while (argc--)
 	{
 	  strncat (cmd, *argv++, cmd_len);
@@ -431,6 +438,7 @@ main (int argc, char *argv[])
   close (sock_fd);
 
 done:
+  free (cmd);
   if (efd > -1)
     close (efd);