Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fix the unsafe usage of strncpy in portsorch.cpp (sonic-net#2110)
Originally, strncpy is used in the following way: strncpy(attr.value.chardata, src_string, sizeof(attr.value.chardata)); where attr.value.chardata is a char array. However, this is not safe in case strlen(src_string) >= sizeof(attr.value.chardata) because there will no space in attr.value.chardata to store the terminating character. It will leave the string attr.value.chardata open, the receiver of attr cannot determine the end of the string and suffer buffer overflow. According to SAI API definition, the actually length of SAI_HOSTIF_ATTR_NAME should be SAI_HOSTIF_NAME_SIZE - 1 which is less than sizeof(attr.value.chardata)`. So a safe way to do it should be: strncpy(attr.value.chardata, src_string, SAI_HOSTIF_NAME_SIZE); attr.value.chardata[SAI_HOSTIF_NAME_SIZE - 1] = '\0' Signed-off-by: Stephen Sun <stephens@nvidia.com>
- Loading branch information