From patchwork Fri Sep 20 18:06:08 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Verma, Vishal L" X-Patchwork-Id: 11154769 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id E66C116B1 for ; Fri, 20 Sep 2019 18:06:11 +0000 (UTC) Received: from ml01.01.org (ml01.01.org [198.145.21.10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id CE39720B7C for ; Fri, 20 Sep 2019 18:06:11 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org CE39720B7C Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=intel.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-nvdimm-bounces@lists.01.org Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 66A06202ECFA8; Fri, 20 Sep 2019 11:05:08 -0700 (PDT) X-Original-To: linux-nvdimm@lists.01.org Delivered-To: linux-nvdimm@lists.01.org Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=134.134.136.65; helo=mga03.intel.com; envelope-from=vishal.l.verma@intel.com; receiver=linux-nvdimm@lists.01.org Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id D61E5202EBEC6 for ; Fri, 20 Sep 2019 11:05:07 -0700 (PDT) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 20 Sep 2019 11:06:10 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.64,529,1559545200"; d="scan'208";a="271609770" Received: from vverma7-desk1.lm.intel.com ([10.232.112.164]) by orsmga001.jf.intel.com with ESMTP; 20 Sep 2019 11:06:10 -0700 From: Vishal Verma To: Subject: [ndctl PATCH] libndctl: Fix a potentially non NUL-terminated string operation Date: Fri, 20 Sep 2019 12:06:08 -0600 Message-Id: <20190920180608.8662-1-vishal.l.verma@intel.com> X-Mailer: git-send-email 2.20.1 MIME-Version: 1.0 X-BeenThere: linux-nvdimm@lists.01.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Linux-nvdimm developer list." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: linux-nvdimm-bounces@lists.01.org Sender: "Linux-nvdimm" Static analysis warns that pread() doesn't NUL-terminate buffers, and that we shouldn't pass it directly to strcmp. The sysfs string should normally have the right termination, but for correctness in the library, we shouldn't rely on that. Replace the strcmp() calls in question with an explicit strncmp(). Fixes: 3c0c7db045ec ("ndctl: add a wait-overwrite command") Cc: Dave Jiang Cc: Dan Williams Signed-off-by: Vishal Verma Reviewed-by: Dave Jiang --- ndctl/lib/dimm.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ndctl/lib/dimm.c b/ndctl/lib/dimm.c index 2f145be..17344f0 100644 --- a/ndctl/lib/dimm.c +++ b/ndctl/lib/dimm.c @@ -825,7 +825,7 @@ NDCTL_EXPORT int ndctl_dimm_wait_overwrite(struct ndctl_dimm *dimm) break; } - if (strcmp(buf, "overwrite") == 0) { + if (strncmp(buf, "overwrite", 9) == 0) { rc = poll(&fds, 1, -1); if (rc < 0) { rc = -errno; @@ -839,7 +839,7 @@ NDCTL_EXPORT int ndctl_dimm_wait_overwrite(struct ndctl_dimm *dimm) } fds.revents = 0; } else { - if (strcmp(buf, "disabled") == 0) + if (strncmp(buf, "disabled", 8) == 0) rc = 1; break; }