Multiple threads calling the same function may cause race condition issues, which often lead to abnormal behavior and can cause more serious vulnerabilities such as abnormal termination, denial of service, and compromised data integrity.
The strtok() is non-reentrant, it is better to replace it with a reentrant version. Fixes: 6dd571fd07c3 ("telemetry: introduce new functionality") Cc: sta...@dpdk.org Signed-off-by: Jie Hai <haij...@huawei.com> Acked-by: Chengwen Feng <fengcheng...@huawei.com> Acked-by: Ciara Power <ciara.po...@intel.com> Acked-by: Morten Brørup <m...@smartsharesystems.com> --- lib/telemetry/telemetry.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/lib/telemetry/telemetry.c b/lib/telemetry/telemetry.c index 31a2c91c0657..000b0f9f80df 100644 --- a/lib/telemetry/telemetry.c +++ b/lib/telemetry/telemetry.c @@ -398,6 +398,7 @@ static void * client_handler(void *sock_id) { int s = (int)(uintptr_t)sock_id; + char *sp = NULL; char buffer[1024]; char info_str[1024]; snprintf(info_str, sizeof(info_str), @@ -412,8 +413,8 @@ client_handler(void *sock_id) int bytes = read(s, buffer, sizeof(buffer) - 1); while (bytes > 0) { buffer[bytes] = 0; - const char *cmd = strtok(buffer, ","); - const char *param = strtok(NULL, "\0"); + const char *cmd = strtok_r(buffer, ",", &sp); + const char *param = strtok_r(NULL, "\0", &sp); struct cmd_callback cb = {.fn = unknown_command}; int i; -- 2.22.0
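Review bot: sp in the first hunk (@@ -398,6 +398,7 @@) is declared at function scope, but it is only used inside the while (bytes > 0) loop touched by the second hunk. strtok_r() ignores the previous value of the save pointer on any call that passes a non-NULL string, so nothing needs to persist across iterations. Consider declaring it inside the loop next to cmd and param, so the save pointer's lifetime matches one parsed message. The NULL initialiser is harmless and can stay to quiet compilers that warn about possibly uninitialised use.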
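Review bot: the delimiter in strtok_r(NULL, "\0", &sp) in the second hunk (@@ -412,8 +413,8 @@) is an empty set, because the literal "\0" ends at its first byte. The call therefore returns everything after the first comma as a single token rather than splitting further. This is carried over unchanged from the strtok() line it replaces, but it reads like a mistake; a one-line comment saying that param is meant to be the remainder of the buffer would make the intent clear. Both calls can also return NULL: cmd when the buffer holds only commas or starts with a NUL byte, param when nothing follows the first comma. The lines shown do not check either, so it is worth confirming that the code after this hunk handles a NULL cmd before using it.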