From fb0bb3a732cd46848e26fcc6a17d9fdf99727af3 Mon Sep 17 00:00:00 2001 From: Benoît Ganne Date: Fri, 27 Sep 2019 18:07:39 +0200 Subject: api: fix non-null-terminated C-string MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Type: fix Change-Id: I132112bf77e1fad7fc0227a96e6b0cee590295e8 Signed-off-by: Benoît Ganne --- src/vpp/api/api.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/src/vpp/api/api.c b/src/vpp/api/api.c index 989d867c06b..51d1edbfdae 100644 --- a/src/vpp/api/api.c +++ b/src/vpp/api/api.c @@ -481,7 +481,11 @@ show_log_details (vl_api_registration_t * reg, u32 context, u32 msg_size; vl_api_log_details_t *rmp; - msg_size = sizeof (*rmp) + vec_len (msg_class) + vec_len (message); + int class_len = + clib_min (vec_len (msg_class) + 1, ARRAY_LEN (rmp->msg_class)); + int message_len = + clib_min (vec_len (message) + 1, ARRAY_LEN (rmp->message)); + msg_size = sizeof (*rmp) + class_len + message_len; rmp = vl_msg_api_alloc (msg_size); clib_memset (rmp, 0, msg_size); @@ -491,10 +495,11 @@ show_log_details (vl_api_registration_t * reg, u32 context, rmp->timestamp = clib_host_to_net_f64 (timestamp); rmp->level = htonl (*level); - strncpy ((char *) rmp->msg_class, (char *) msg_class, - ARRAY_LEN (rmp->msg_class) - 1); - strncpy ((char *) rmp->message, (char *) message, - ARRAY_LEN (rmp->message) - 1); + memcpy (rmp->msg_class, msg_class, class_len - 1); + memcpy (rmp->message, message, message_len - 1); + /* enforced by memset() above */ + ASSERT (0 == rmp->msg_class[class_len - 1]); + ASSERT (0 == rmp->message[message_len - 1]); vl_api_send_msg (reg, (u8 *) rmp); } -- cgit 1.2.3-korg