Pallantla Poornima <pallantlax.poorn...@intel.com> writes:
> sprintf function is not secure as it doesn't check the length of string.
> More secure function snprintf is used.
>
> Fixes: 2a9c83ae3b ("test/eventdev: add multi-ports test")
> Cc: sta...@dpdk.org
>
> Signed-off-by: Pallantla Poornima <pallantlax.poorn...@intel.com>
> ---
> test/test/test_event_eth_rx_adapter.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/test/test/test_event_eth_rx_adapter.c
> b/test/test/test_event_eth_rx_adapter.c
> index 1d3be82b5..38f5c039f 100644
> --- a/test/test/test_event_eth_rx_adapter.c
> +++ b/test/test/test_event_eth_rx_adapter.c
> @@ -479,7 +479,8 @@ adapter_multi_eth_add_del(void)
> /* add the max port for rx_adapter */
> port_index = rte_eth_dev_count_total();
> for (; port_index < RTE_MAX_ETHPORTS; port_index += 1) {
> - sprintf(driver_name, "%s%u", "net_null", drv_id);
> + snprintf(driver_name, sizeof(driver_name), "%s%u", "net_null",
> + drv_id);
> err = rte_vdev_init(driver_name, NULL);
> TEST_ASSERT(err == 0, "Failed driver %s got %d",
> driver_name, err);
You call this a fix, but it's not possible for the value of drv_id to
exceed '32' and the buffer size is plenty accommodating for that. Did I
miss something? What is this fixing?
