[U-Boot] test/dm: Fix string handling issues in the eth test

Message ID 1506449310-19066-1-git-send-email-trini@konsulko.com
State Accepted
Commit e2e6daed5a801e361d03f98e2eb770ca4fccca2c
Delegated to: Tom Rini

Commit Message

Tom Rini Sept. 26, 2017, 6:08 p.m. UTC
Coverity scan has identified potential buffer overruns in these tests.
Correct this by zeroing our buffer and using strncpy not strcpy.

Reported-by: Coverity (CID: 155462, 155463)
Cc: Joe Hershberger <joe.hershberger@ni.com>
Cc: Simon Glass <sjg@chromium.org>
Cc: Bin Meng <bmeng.cn@gmail.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
---
 test/dm/eth.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

Comments

Simon Glass Sept. 26, 2017, 7:10 p.m. UTC | #1
On 26 September 2017 at 12:08, Tom Rini <trini@konsulko.com> wrote:
> Coverity scan has identified potential buffer overruns in these tests.
> Correct this by zeroing our buffer and using strncpy not strcpy.
>
> Reported-by: Coverity (CID: 155462, 155463)
> Cc: Joe Hershberger <joe.hershberger@ni.com>
> Cc: Simon Glass <sjg@chromium.org>
> Cc: Bin Meng <bmeng.cn@gmail.com>
> Signed-off-by: Tom Rini <trini@konsulko.com>
> ---
>  test/dm/eth.c | 8 +++++---
>  1 file changed, 5 insertions(+), 3 deletions(-)

Reviewed-by: Simon Glass <sjg@chromium.org>

Joe Hershberger Sept. 26, 2017, 7:53 p.m. UTC | #2
On Tue, Sep 26, 2017 at 1:08 PM, Tom Rini <trini@konsulko.com> wrote:
> Coverity scan has identified potential buffer overruns in these tests.
> Correct this by zeroing our buffer and using strncpy not strcpy.
>
> Reported-by: Coverity (CID: 155462, 155463)
> Cc: Joe Hershberger <joe.hershberger@ni.com>
> Cc: Simon Glass <sjg@chromium.org>
> Cc: Bin Meng <bmeng.cn@gmail.com>
> Signed-off-by: Tom Rini <trini@konsulko.com>

Reviewed-by: Joe Hershberger <joe.hershberger@ni.com>

Tom Rini Oct. 7, 2017, 1:09 p.m. UTC | #3
On Tue, Sep 26, 2017 at 02:08:30PM -0400, Tom Rini wrote:

> Coverity scan has identified potential buffer overruns in these tests.
> Correct this by zeroing our buffer and using strncpy not strcpy.
> 
> Reported-by: Coverity (CID: 155462, 155463)
> Cc: Joe Hershberger <joe.hershberger@ni.com>
> Cc: Simon Glass <sjg@chromium.org>
> Cc: Bin Meng <bmeng.cn@gmail.com>
> Signed-off-by: Tom Rini <trini@konsulko.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
> Reviewed-by: Joe Hershberger <joe.hershberger@ni.com>

Applied to u-boot/master, thanks!

Patch

diff --git a/test/dm/eth.c b/test/dm/eth.c
index 122fab924d6a..67fd660ee4f5 100644
--- a/test/dm/eth.c
+++ b/test/dm/eth.c
@@ -110,6 +110,7 @@  static int dm_test_eth_act(struct unit_test_state *uts)
 	char ethaddr[DM_TEST_ETH_NUM][18];
 	int i;
 
+	memset(ethaddr, '\0', sizeof(ethaddr));
 	net_ping_ip = string_to_ip("1.1.2.2");
 
 	/* Prepare the test scenario */
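Review bot: the memset() added ahead of net_ping_ip is what guarantees termination for the strncpy(ethaddr[i], ..., 17) in the loop below, but nothing in the code says so. Each row is 18 bytes and the copy writes at most 17, so byte 17 stays '\0' only while this zeroing stays in place; a one-line comment stating that, or an initializer on the ethaddr declaration, would keep a later cleanup from dropping it as redundant.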
@@ -119,7 +120,7 @@  static int dm_test_eth_act(struct unit_test_state *uts)
 		ut_assertok(device_remove(dev[i], DM_REMOVE_NORMAL));
 
 		/* Invalidate MAC address */
-		strcpy(ethaddr[i], env_get(addrname[i]));
+		strncpy(ethaddr[i], env_get(addrname[i]), 17);
 		/* Must disable access protection for ethaddr before clearing */
 		env_set(".flags", addrname[i]);
 		env_set(addrname[i], NULL);
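Review bot: env_get(addrname[i]) is passed straight to strncpy() with no NULL check, and env_get() returns NULL when the variable is not set, which is the state the env_set(addrname[i], NULL) a few lines later creates. Consider fetching the value into a local and asserting it is non-NULL before the copy. The literal 17 would also read better as sizeof(ethaddr[i]) - 1 so that it follows the [18] in the declaration.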
@@ -187,7 +188,8 @@  static int dm_test_eth_rotate(struct unit_test_state *uts)
 	net_ping_ip = string_to_ip("1.1.2.2");
 
 	/* Invalidate eth1's MAC address */
-	strcpy(ethaddr, env_get("eth1addr"));
+	memset(ethaddr, '\0', sizeof(ethaddr));
+	strncpy(ethaddr, env_get("eth1addr"), 17);
 	/* Must disable access protection for eth1addr before clearing */
 	env_set(".flags", "eth1addr");
 	env_set("eth1addr", NULL);
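Review bot: the bound 17 in strncpy(ethaddr, env_get("eth1addr"), 17) is a magic number tied to a declaration that is not visible in this hunk. Writing it as sizeof(ethaddr) - 1, matching the sizeof(ethaddr) already used in the memset() on the line above, keeps the copy bounded correctly if the buffer size ever changes.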
@@ -200,7 +202,7 @@  static int dm_test_eth_rotate(struct unit_test_state *uts)
 
 	if (!retval) {
 		/* Invalidate eth0's MAC address */
-		strcpy(ethaddr, env_get("ethaddr"));
+		strncpy(ethaddr, env_get("ethaddr"), 17);
 		/* Must disable access protection for ethaddr before clearing */
 		env_set(".flags", "ethaddr");
 		env_set("ethaddr", NULL);
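Review bot: this second strncpy(ethaddr, env_get("ethaddr"), 17) reuses the buffer without the memset() that precedes the eth1addr copy in the previous hunk, so termination depends on the last byte of ethaddr not having been written in between. That holds for the lines shown, but setting ethaddr[sizeof(ethaddr) - 1] = '\0' right after the copy would make the guarantee local to the if block instead of relying on a statement outside it.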