Hi Anoob,
> > > > @@ -542,8 +543,8 @@ rte_cryptodev_get_dev_id(const char *name)
> > > > return -1;
> > > >
> > > > for (i = 0; i < cryptodev_globals.nb_devs; i++)
> > > > - if ((strcmp(cryptodev_globals.devs[i].data->name, name)
> > > > - == 0) &&
> > > > + if ((strncmp(cryptodev_globals.devs[i].data->name, name,
> > > > + RTE_CRYPTODEV_NAME_MAX_LEN) == 0)
> > &&
> > [Fiona] Is this safe? The const passed to this may not be the full length of
> > RTE_CRYPTODEV_NAME_MAX_LEN. Does this prototype need to specify
> > that a full length const filled with trailing zeros must be passed in? And
> > if so is
> > this an ABI breakage?
> >
>
> [Anoob] strcmp itself is not safe when we have buffers which are not NULL
> terminated. Strncmp will make
> sure the check won't exceed RTE_CRYPTODEV_NAME_MAX_LEN.
>
> From man page, "The strncmp() function is similar, except it only compares
> the first (at most) n bytes of
> s1 and s2."
>
> The main issue here is the usage of strncmp with strlen(driver_name), as in
> the below cases. Strlen will
> return string length, which doesn't include \0. strcmp is good enough to fix
> the issue. But usage of strcmp
> would assume that the const is filled with trailing zero. IMO, none of these
> options are really safe. So
> please advise on what would be the best solution here. I'll revise the patch
> accordingly.
[Fiona] I agree and think it is safest as you've coded it. However I'd suggest
adding a comment on the relevant APIs saying that the string must be passed in
in a buffer of size <use relevant #define> with trailing zeros.
