From 9955cae0cb79b9a2ab72dff43f2b8753963ee7f2 Mon Sep 17 00:00:00 2001
From: Mathieu Desnoyers
Date: Mon, 16 May 2016 21:42:59 -0400
Subject: [PATCH] Fix: illegal memory access in send_viewer_streams
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit
Found by Coverity: CID 1243037 (#1 of 2): Buffer not null terminated (BUFFER_SIZE_WARNING)18. buffer_size_warning: Calling strncpy with a maximum size argument of 4096 bytes on destination array send_stream.path_name of size 4096 bytes might leave the destination string unterminated. CID 1243037 (#2 of 2): Buffer not null terminated (BUFFER_SIZE_WARNING)18. buffer_size_warning: Calling strncpy with a maximum size argument of 255 bytes on destination array send_stream.channel_name of size 255 bytes might leave the destination string unterminated.
Signed-off-by: Mathieu Desnoyers
Signed-off-by: Jérémie Galarneau
---
 src/bin/lttng-relayd/live.c | 19 +++++++++++++++----
 1 file changed, 15 insertions(+), 4 deletions(-)
diff --git a/src/bin/lttng-relayd/live.c b/src/bin/lttng-relayd/live.c
index ad6d3e53a..06eba74d7 100644
--- a/src/bin/lttng-relayd/live.c
+++ b/src/bin/lttng-relayd/live.c
@@ -232,10 +232,21 @@ ssize_t send_viewer_streams(struct lttcomm_sock *sock,
 send_stream.ctf_trace_id = htobe64(ctf_trace->id);
 send_stream.metadata_flag = htobe32(
 vstream->stream->is_metadata);
- strncpy(send_stream.path_name, vstream->path_name,
- sizeof(send_stream.path_name));
- strncpy(send_stream.channel_name, vstream->channel_name,
- sizeof(send_stream.channel_name));
+ if (lttng_strncpy(send_stream.path_name, vstream->path_name,
+ sizeof(send_stream.path_name))) {
+ pthread_mutex_unlock(&vstream->stream->lock);
+ viewer_stream_put(vstream);
+ ret = -1; /* Error. */
+ goto end_unlock;
+ }
+ if (lttng_strncpy(send_stream.channel_name,
+ vstream->channel_name,
+ sizeof(send_stream.channel_name))) {
+ pthread_mutex_unlock(&vstream->stream->lock);
+ viewer_stream_put(vstream);
+ ret = -1; /* Error. */
+ goto end_unlock;
+ }
 DBG("Sending stream %" PRIu64 " to viewer",
 vstream->stream->stream_handle);
--
2.34.1
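Review bot: Replacing `strncpy` with `lttng_strncpy` for `send_stream.path_name` and `send_stream.channel_name` drops the zero-padding that `strncpy` gave the rest of each field, unless the helper pads as well; its definition is not in this hunk. Since `send_stream` appears to be what is sent to the viewer, bytes after the terminator could carry stale stack contents if the struct is not cleared earlier in the loop, which starts outside the hunk. If it is not, a `memset(&send_stream, 0, sizeof(send_stream));` before the fields are filled would close that. Both failure branches also return silently; an `ERR("Stream path or channel name too long for viewer reply");` before `ret = -1;` would let an operator tell an over-long name from a socket error.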