sprintf function is not secure as it doesn't check the length of string.
More secure function snprintf is used.

Fixes: f714a18885 ("app/testbbdev: add test application for bbdev")
Cc: sta...@dpdk.org

Signed-off-by: Pallantla Poornima <pallantlax.poorn...@intel.com>
---
 app/test-bbdev/test_bbdev.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/app/test-bbdev/test_bbdev.c b/app/test-bbdev/test_bbdev.c
index a914817bc..b9fc750d3 100644
--- a/app/test-bbdev/test_bbdev.c
+++ b/app/test-bbdev/test_bbdev.c
@@ -788,14 +788,14 @@ test_bbdev_driver_init(void)
 
        /* Initialize the maximum amount of devices */
        do {
-               sprintf(name_tmp, "%s%i", "name_", num_devs);
+               snprintf(name_tmp, sizeof(name_tmp), "%s%i", "name_", num_devs);
                dev2 = rte_bbdev_allocate(name_tmp);
                TEST_ASSERT(dev2 != NULL,
                                "Failed to initialize bbdev driver");
                ++num_devs;
        } while (num_devs < (RTE_BBDEV_MAX_DEVS - 1));
 
-       sprintf(name_tmp, "%s%i", "name_", num_devs);
+       snprintf(name_tmp, sizeof(name_tmp), "%s%i", "name_", num_devs);
        dev2 = rte_bbdev_allocate(name_tmp);
        TEST_ASSERT(dev2 == NULL, "Failed to initialize bbdev driver number %d "
                        "more drivers than RTE_BBDEV_MAX_DEVS: %d ", num_devs,
@@ -804,7 +804,7 @@ test_bbdev_driver_init(void)
        num_devs--;
 
        while (num_devs >= num_devs_tmp) {
-               sprintf(name_tmp, "%s%i", "name_", num_devs);
+               snprintf(name_tmp, sizeof(name_tmp), "%s%i", "name_", num_devs);
                dev2 = rte_bbdev_get_named_dev(name_tmp);
                TEST_ASSERT_SUCCESS(rte_bbdev_release(dev2),
                                "Failed to uninitialize bbdev driver %s ",
@@ -825,7 +825,7 @@ test_bbdev_driver_init(void)
        TEST_ASSERT_FAIL(rte_bbdev_release(NULL),
                        "Failed to uninitialize bbdev driver with NULL bbdev");
 
-       sprintf(name_tmp, "%s", "invalid_name");
+       snprintf(name_tmp, sizeof(name_tmp), "%s", "invalid_name");
        dev2 = rte_bbdev_get_named_dev(name_tmp);
        TEST_ASSERT_FAIL(rte_bbdev_release(dev2),
                        "Failed to uninitialize bbdev driver with invalid 
name");
-- 
2.17.2

Reply via email to