From 49d06560692f4307635a28b627a00d8c81948c48 Mon Sep 17 00:00:00 2001
From: Bastien Nocera
Date: Thu, 16 May 2024 11:03:16 +0200
Subject: [PATCH] mgmt-tester: Fix non-nul-terminated string
Error: STRING_NULL (CWE-170): [#def59] [important]
tools/mgmt-tester.c:12670:2: string_null_source: Function "vhci_read_devcd" does not terminate string "buf".
tools/mgmt-tester.c:12677:2: string_null: Passing unterminated string "buf" to "strtok_r", which expects a null-terminated string.
12675|
12676| /* Verify if all devcoredump header fields are present */
12677|-> line = strtok_r(buf, delim, &saveptr);
12678| while (strlen(test->expect_dump_data[i])) {
12679| if (!line || strcmp(line, test->expect_dump_data[i])) {
---
 tools/mgmt-tester.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/tools/mgmt-tester.c b/tools/mgmt-tester.c
index 8a4fbc2eb..8076ec105 100644
--- a/tools/mgmt-tester.c
+++ b/tools/mgmt-tester.c
@@ -12656,18 +12656,22 @@ static void verify_devcd(void *user_data)
 struct test_data *data = tester_get_data();
 const struct generic_data *test = data->test_data;
 struct vhci *vhci = hciemu_get_vhci(data->hciemu);
- char buf[MAX_COREDUMP_BUF_LEN] = {0};
+ char buf[MAX_COREDUMP_BUF_LEN + 1] = {0};
+ int read;
 char delim[] = "\n";
 char *line;
 char *saveptr;
 int i = 0;
 /* Read the generated devcoredump file */
- if (vhci_read_devcd(vhci, buf, sizeof(buf)) <= 0) {
+ read = vhci_read_devcd(vhci, buf, MAX_COREDUMP_BUF_LEN);
+ if (read <= 0) {
 tester_warn("Unable to read devcoredump");
 tester_test_failed();
 return;
 }
+ /* Make sure buf is nul-terminated */
+ buf[read + 1] = '\0';
 /* Verify if all devcoredump header fields are present */
 line = strtok_r(buf, delim, &saveptr);
--
2.47.3
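Review bot: The terminator write `buf[read + 1] = '\0';` is off by one and should be `buf[read] = '\0';`. Assuming vhci_read_devcd returns the number of bytes stored (at most the MAX_COREDUMP_BUF_LEN passed in), a full-length read makes `read + 1` equal to MAX_COREDUMP_BUF_LEN + 1, which is one element past the end of `buf` and therefore a stack out-of-bounds write. For shorter reads the string is terminated at `buf[read]` only because of the `= {0}` initializer, not because of this statement. Separately, the new local `int read;` shadows the POSIX `read()` function; a name such as `len` avoids the shadowing warning. The body of verify_devcd continues past the end of the hunk.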