diff options
author | Dave Barach <dave@barachs.net> | 2020-04-04 18:34:41 -0400 |
---|---|---|
committer | Andrew Yourtchenko <ayourtch@gmail.com> | 2020-08-13 17:20:47 +0000 |
commit | 3d57cfdfb529c61fa5ec6e8a04db4ef042e7eb45 (patch) | |
tree | 147a67aa183dd1f961c2dd56b926c447e43f198b | |
parent | d13034a6d1a239af07948ebe6a399c6aec5ddbbc (diff) |
misc: strcpy be gone
Causes static analysis "vulnerability" warnings
Type: fix
Ticket: VPP-1837
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I272fa69251d70f62178e6dff0423c16f99937af1
(cherry picked from commit 0250090fc0c24214cb1fa969f6e2f585099ee36b)
-rw-r--r-- | src/plugins/hs_apps/vcl/sock_test_client.c | 7 | ||||
-rw-r--r-- | src/plugins/hs_apps/vcl/sock_test_server.c | 3 | ||||
-rw-r--r-- | src/plugins/hs_apps/vcl/vcl_test_client.c | 2 | ||||
-rw-r--r-- | src/plugins/unittest/string_test.c | 2 | ||||
-rw-r--r-- | src/tools/elftool/elftool.c | 26 | ||||
-rw-r--r-- | src/tools/g2/mkversion.c | 16 | ||||
-rw-r--r-- | src/vcl/ldp.c | 2 | ||||
-rw-r--r-- | src/vpp/api/json_format.h | 2 |
8 files changed, 30 insertions, 30 deletions
diff --git a/src/plugins/hs_apps/vcl/sock_test_client.c b/src/plugins/hs_apps/vcl/sock_test_client.c index 6f5fb074503..fb59378e008 100644 --- a/src/plugins/hs_apps/vcl/sock_test_client.c +++ b/src/plugins/hs_apps/vcl/sock_test_client.c @@ -252,7 +252,8 @@ echo_test_client () } memset (&serveraddr, 0, sizeof (serveraddr)); serveraddr.sun_family = AF_UNIX; - strcpy (serveraddr.sun_path, SOCK_TEST_AF_UNIX_FILENAME); + strncpy (serveraddr.sun_path, SOCK_TEST_AF_UNIX_FILENAME, + sizeof (serveraddr.sun_path)); rv = connect (fd, (struct sockaddr *) &serveraddr, SUN_LEN (&serveraddr)); if (rv < 0) { @@ -265,7 +266,7 @@ echo_test_client () } scm->af_unix_echo_tx++; - strcpy ((char *) buffer, SOCK_TEST_MIXED_EPOLL_DATA); + strncpy ((char *) buffer, SOCK_TEST_MIXED_EPOLL_DATA, sizeof (buffer)); timeout.tv_sec = 0; timeout.tv_usec = 250000; select (0, NULL, NULL, NULL, &timeout); /* delay .25 secs */ @@ -946,7 +947,7 @@ main (int argc, char **argv) optopt, ctrl->txbuf_size); print_usage_and_exit (); } - strcpy (ctrl->txbuf, optarg); + strncpy (ctrl->txbuf, optarg, ctrl->txbuf_size); ctrl->cfg.test = VCL_TEST_TYPE_ECHO; break; diff --git a/src/plugins/hs_apps/vcl/sock_test_server.c b/src/plugins/hs_apps/vcl/sock_test_server.c index bd777ccb917..801cd83cc83 100644 --- a/src/plugins/hs_apps/vcl/sock_test_server.c +++ b/src/plugins/hs_apps/vcl/sock_test_server.c @@ -559,7 +559,8 @@ main (int argc, char **argv) memset (&ssm->serveraddr, 0, sizeof (ssm->serveraddr)); ssm->serveraddr.sun_family = AF_UNIX; - strcpy (ssm->serveraddr.sun_path, SOCK_TEST_AF_UNIX_FILENAME); + strncpy (ssm->serveraddr.sun_path, SOCK_TEST_AF_UNIX_FILENAME, + sizeof (ssm->serveraddr.sun_path)); rv = bind (ssm->af_unix_listen_fd, (struct sockaddr *) &ssm->serveraddr, SUN_LEN (&ssm->serveraddr)); diff --git a/src/plugins/hs_apps/vcl/vcl_test_client.c b/src/plugins/hs_apps/vcl/vcl_test_client.c index 30b48d8d145..236cbfff913 100644 --- a/src/plugins/hs_apps/vcl/vcl_test_client.c +++ b/src/plugins/hs_apps/vcl/vcl_test_client.c @@ -912,7 +912,7 @@ vtc_process_opts (vcl_test_client_main_t * vcm, int argc, char **argv) optopt, ctrl->txbuf_size); print_usage_and_exit (); } - strcpy (ctrl->txbuf, optarg); + strncpy (ctrl->txbuf, optarg, ctrl->txbuf_size); ctrl->cfg.test = VCL_TEST_TYPE_ECHO; break; diff --git a/src/plugins/unittest/string_test.c b/src/plugins/unittest/string_test.c index 95a95d78c1d..fb33edb2f43 100644 --- a/src/plugins/unittest/string_test.c +++ b/src/plugins/unittest/string_test.c @@ -594,7 +594,7 @@ test_clib_strcpy (vlib_main_t * vm, unformat_input_t * input) return -1; /* verify it against strcpy */ - strcpy (dst, src); + strcpy (dst, src); //NOSONAR /* This better not fail but check anyhow */ if (strcmp_s (dst, clib_strnlen (dst, sizeof (dst)), src, &indicator) != diff --git a/src/tools/elftool/elftool.c b/src/tools/elftool/elftool.c index debd9089027..e808c619da8 100644 --- a/src/tools/elftool/elftool.c +++ b/src/tools/elftool/elftool.c @@ -61,7 +61,7 @@ typedef struct { u64 rpath_offset; } elf_tool_main_t; -static clib_error_t * elf_set_interpreter (elf_main_t * em, +static clib_error_t * elf_set_interpreter (elf_main_t * em, elf_tool_main_t * tm) { elf_segment_t * g; @@ -79,7 +79,7 @@ static clib_error_t * elf_set_interpreter (elf_main_t * em, break; /* Note flowthrough */ default: - return clib_error_return (0, "unacceptable file_type"); + return clib_error_return (0, "unacceptable file_type"); } vec_foreach (g, em->segments) @@ -178,7 +178,7 @@ set_rpath_for_section (elf_main_t * em, elf_section_t * s, char * new_rpath) if (old_len < new_len) return clib_error_return (0, "rpath of `%s' does not fit (old rpath `%s')", new_rpath, old_rpath); - strcpy (old_rpath, new_rpath); + strcpy (old_rpath, new_rpath); //NOSONAR break; default: @@ -246,7 +246,7 @@ set_interpreter_rpath (elf_tool_main_t * tm) goto done; } - if (!(fd_stat.st_mode & S_IFREG)) + if (!(fd_stat.st_mode & S_IFREG)) { error = clib_error_return (0, "%s is not a regular file", tm->input_file); goto done; @@ -261,10 +261,10 @@ set_interpreter_rpath (elf_tool_main_t * tm) /* COW-mapping, since we intend to write the fixups */ if (fix_in_place) - idp = mmap (0, mmap_length, PROT_READ | PROT_WRITE, MAP_SHARED, + idp = mmap (0, mmap_length, PROT_READ | PROT_WRITE, MAP_SHARED, ifd, /* offset */ 0); else - idp = mmap (0, mmap_length, PROT_READ | PROT_WRITE, MAP_PRIVATE, + idp = mmap (0, mmap_length, PROT_READ | PROT_WRITE, MAP_PRIVATE, ifd, /* offset */ 0); if (~pointer_to_uword (idp) == 0) { @@ -272,7 +272,7 @@ set_interpreter_rpath (elf_tool_main_t * tm) error = clib_error_return_unix (0, "mmap `%s'", tm->input_file); goto done; } - + if (idp[0] != 0x7f || idp[1] != 'E' || idp[2] != 'L' || idp[3] != 'F') { error = clib_error_return (0, "not an ELF file '%s'", tm->input_file); @@ -313,14 +313,14 @@ set_interpreter_rpath (elf_tool_main_t * tm) if (offset0 == 0) { - error = clib_error_return (0, "no fixup markers in %s", + error = clib_error_return (0, "no fixup markers in %s", tm->input_file); goto done; } found_both: if (0) - clib_warning ("offset0 %lld (0x%llx), offset1 %lld (0x%llx)", + clib_warning ("offset0 %lld (0x%llx), offset1 %lld (0x%llx)", offset0, offset0, offset1, offset1); /* Executable file case */ @@ -329,18 +329,18 @@ set_interpreter_rpath (elf_tool_main_t * tm) tm->interpreter_offset = offset0; tm->rpath_offset = offset1; } - else /* shared library case */ + else /* shared library case */ { tm->interpreter_offset = 0; tm->rpath_offset = offset0; } - + if (tm->interpreter_offset) - clib_memcpy (&idp[tm->interpreter_offset], tm->set_interpreter, + clib_memcpy (&idp[tm->interpreter_offset], tm->set_interpreter, strlen (tm->set_interpreter)+1); if (tm->rpath_offset) - clib_memcpy (&idp[tm->rpath_offset], tm->set_rpath, + clib_memcpy (&idp[tm->rpath_offset], tm->set_rpath, strlen (tm->set_rpath)+1); /* Write the output file... */ diff --git a/src/tools/g2/mkversion.c b/src/tools/g2/mkversion.c index 3523fbe6c6d..0e22cfa86b5 100644 --- a/src/tools/g2/mkversion.c +++ b/src/tools/g2/mkversion.c @@ -1,4 +1,4 @@ -/* +/* *------------------------------------------------------------------ * Copyright (c) 1997-2016 Cisco and/or its affiliates. * Licensed under the Apache License, Version 2.0 (the "License"); @@ -44,21 +44,21 @@ int main (int argc, char **argv) } now = time (0); - + fprintf (ofp, "/*\n"); fprintf (ofp, " * G2 Version Stamp, %s", ctime (&now)); fprintf (ofp, " * Automatically generated, hand edits are pointless.\n"); fprintf (ofp, " */\n\n"); - fprintf (ofp, + fprintf (ofp, "const char *version_string = \"G2 (%s) major version %s\";\n", argv[1], argv[2]); - + username = (char *) cuserid (0); - strcpy(timestr, ctime(&now)); - + strncpy(timestr, ctime(&now), sizeof (timestr)); + cp = timestr; while (*cp) { @@ -70,8 +70,6 @@ int main (int argc, char **argv) fprintf (ofp, "const char *minor_v_string = \"Built by %s at %s\";\n", username, timestr); - + exit (0); } - - diff --git a/src/vcl/ldp.c b/src/vcl/ldp.c index 3944239ec1a..af9742063fa 100644 --- a/src/vcl/ldp.c +++ b/src/vcl/ldp.c @@ -1813,8 +1813,8 @@ getsockopt (int fd, int level, int optname, rv = -EFAULT; break; case TCP_CONGESTION: - strcpy (optval, "cubic"); *optlen = strlen ("cubic"); + strncpy (optval, "cubic", *optlen + 1); rv = 0; break; default: diff --git a/src/vpp/api/json_format.h b/src/vpp/api/json_format.h index 154fb3df04b..63217979ccd 100644 --- a/src/vpp/api/json_format.h +++ b/src/vpp/api/json_format.h @@ -94,7 +94,7 @@ vat_json_set_string_copy (vat_json_node_t * json, const u8 * str) { u8 *ns = NULL; vec_validate (ns, strlen ((const char *) str)); - strcpy ((char *) ns, (const char *) str); + strncpy ((char *) ns, (const char *) str, vec_len (ns)); vec_add1 (ns, '\0'); vat_json_set_string (json, ns); } |