From b1cede2bed2ccc03af99ba9d03d109b7636ae635 Mon Sep 17 00:00:00 2001 From: haochuan Date: Tue, 16 Oct 2018 20:15:10 +0800 Subject: [PATCH] Fix destination buffer too small issue by static analyze tool code with strcpy is not proposed, replace with strncpy Test: deploy simplex system, create qcow2 file with guest-client and json-c build and install. Use created qcow2 to create image named test, and create flavor named test_flavor with add guest:heartbeat property in metadata. Create instance with created image and flavor. Lanched the instance, launch guestClient process with command such command '# guestClient --device /dev/virtio-port/cgcs.heart' Check guestAgent in host file /var/log/guestAgent.log, confirm heartbeat enabled as "controller-0 c7ee5d00-e782-4d0a-8292-7724b3afc4e9 enabled heartbeating status change to 'enabled'" Closes-Bug: 1794908 Change-Id: Ieb774882802127cfffef1291cf1bcc7a4d6f8055 Signed-off-by: Martin Chen --- mtce-guest/src/guestVirtio.cpp | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/mtce-guest/src/guestVirtio.cpp b/mtce-guest/src/guestVirtio.cpp index 88f5f4e2..e3224822 100644 --- a/mtce-guest/src/guestVirtio.cpp +++ b/mtce-guest/src/guestVirtio.cpp @@ -324,8 +324,10 @@ int virtio_channel_connect ( instInfo * instInfo_ptr ) struct sockaddr_un un; un.sun_family = AF_UNIX; - strcpy(un.sun_path, buf); - len = offsetof(struct sockaddr_un, sun_path) + strlen(buf); + strncpy(un.sun_path, buf, sizeof(un.sun_path)-1); + un.sun_path[sizeof(un.sun_path)-1] = '\0'; + + len = offsetof(struct sockaddr_un, sun_path) + strlen(un.sun_path); rc = connect(instInfo_ptr->chan_fd, (struct sockaddr *)&un, len); if (rc < 0) {