From d6eec465f4e998c99e8345962065a40fe134e41c Mon Sep 17 00:00:00 2001
From: haochuan
Date: Tue, 30 Oct 2018 14:31:20 +0800
Subject: [PATCH] Add explicate string terminator for protection
Verified with Multi-node and duplex deploy and log checking
Closes-Bug:1794937
Change-Id: I3af74efbf66fe71e4920f6cfd7af2b2ef4cb68b6
Signed-off-by: Martin, Chen
---
 mtce/src/hostw/hostwHdlr.cpp | 1 +
 mtce/src/hwmon/hwmonMsg.cpp | 2 ++
 mtce/src/maintenance/mtcCtrlMsg.cpp | 1 +
 mtce/src/rmon/rmonMsg.cpp | 1 +
 4 files changed, 5 insertions(+)
diff --git a/mtce/src/hostw/hostwHdlr.cpp b/mtce/src/hostw/hostwHdlr.cpp
index fb5e986a..4b26d2c3 100644
--- a/mtce/src/hostw/hostwHdlr.cpp
+++ b/mtce/src/hostw/hostwHdlr.cpp
@@ -177,6 +177,7 @@ int hostw_service_command ( hostw_socket_type * hostw_socket)
 */
 int len = sizeof(msg[0]) + 1;
+ memset(msg, 0, 2*sizeof(msg[0]));
 socklen_t addrlen = (socklen_t) sizeof(hostw_socket->status_addr);
 len = recvfrom(hostw_socket->status_sock, (char*)&msg,
diff --git a/mtce/src/hwmon/hwmonMsg.cpp b/mtce/src/hwmon/hwmonMsg.cpp
index d84e0665..6572776b 100644
--- a/mtce/src/hwmon/hwmonMsg.cpp
+++ b/mtce/src/hwmon/hwmonMsg.cpp
@@ -246,6 +246,8 @@ int hwmon_service_inbox ( void )
 return (FAIL_UNKNOWN_HOSTNAME);
 }
+ /* add string terminator for protection */
+ msg.buf[BUF_SIZE-1] = '\0';
 rc = hwmonJson_load_inv ( &msg.buf[0], inv );
 if ( rc ) {
diff --git a/mtce/src/maintenance/mtcCtrlMsg.cpp b/mtce/src/maintenance/mtcCtrlMsg.cpp
index b8fa12b8..0be8d705 100755
--- a/mtce/src/maintenance/mtcCtrlMsg.cpp
+++ b/mtce/src/maintenance/mtcCtrlMsg.cpp
@@ -144,6 +144,7 @@ int mtc_service_inbox ( nodeLinkClass * obj_ptr,
 { bytes = sock_ptr->mtc_agent_rx_socket->read((char*)&msg, sizeof(msg));
 }
+ msg.buf[BUF_SIZE-1] = '\0';
 if ( bytes <= 0 ) {
diff --git a/mtce/src/rmon/rmonMsg.cpp b/mtce/src/rmon/rmonMsg.cpp
index a87738db..6660c40a 100644
--- a/mtce/src/rmon/rmonMsg.cpp
+++ b/mtce/src/rmon/rmonMsg.cpp
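Review bot: In the hostwHdlr.cpp hunk the added `memset(msg, 0, 2*sizeof(msg[0]));` hard-codes the element count of `msg`, whose declaration is outside the hunk, so the clear is wrong as soon as that array is resized. If `msg` is an array in this scope, `memset(msg, 0, sizeof(msg));` ties the size to the object itself. Zeroing before the receive only leaves a terminator when fewer bytes arrive than the buffer holds, so the length passed to `recvfrom` (the call is cut off at the end of the hunk) should stay below `sizeof(msg)`, and the returned `len` should be checked before the payload is read as a string.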
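Review bot: In the hwmonMsg.cpp hunk, writing the terminator at the fixed offset `BUF_SIZE-1` bounds the parse in `hwmonJson_load_inv` to the buffer but does not end the string at the number of bytes actually received. When a message is shorter than the buffer and `msg` was not zeroed before the receive (neither is visible in this hunk), bytes left over from an earlier message would still be parsed as part of this one. Terminating at the received length, clamped to `BUF_SIZE-1`, or clearing `msg` before each receive closes that gap. The same fixed-offset pattern is in the mtcCtrlMsg.cpp hunk and in the rmonMsg.cpp hunk, where a receive length of `RMON_MAX_LEN-1` followed by `buf[bytes] = '\0';` would do it. The body of `hwmon_service_inbox` starts and ends outside the hunk.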
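Review bot: In the mtcCtrlMsg.cpp hunk the added `msg.buf[BUF_SIZE-1] = '\0';` runs before the `if ( bytes <= 0 )` check, so the buffer is written even when the read failed or returned nothing. Moving the line after that check leaves the error path untouched and places it where `bytes` is known to be positive, which is also where a length-based terminator would go. Only the tail of one read branch is visible here, so whether the other branch fills `msg` the same way should be confirmed.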
@@ -525,6 +525,7 @@ int rmon_service_inbox ( int clients )
 bytes = recvfrom( rmon_sock.rmon_tx_sock, buf, RMON_MAX_LEN, 0, (struct sockaddr *)&rmon_sock.rmon_tx_addr, &len);
 if ( bytes > 0 ) {
+ buf[RMON_MAX_LEN-1] = '\0';
 sscanf ( buf, "%99s %99s %u", str, registered_not, &port ); //RMON_MAX_LEN is defined as 100
 strcpy( active_buf, buf );
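Review bot: The new terminator bounds the `strcpy( active_buf, buf )` two lines below it to `RMON_MAX_LEN` bytes, but that copy is only safe if `active_buf` is at least that large, and its declaration is not in this hunk. A sized copy such as `snprintf(active_buf, sizeof(active_buf), "%s", buf);` (assuming `active_buf` is an array in scope) removes the dependency on the two sizes matching. The `sscanf` result is also unused: when the datagram holds fewer than three fields, `str`, `registered_not` or `port` keep whatever they held before, so the return value should be compared with 3 before they are used. The body of `rmon_service_inbox` continues outside the hunk.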