From: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Date: Tue, 18 Jun 2013 19:51:37 +0000 (-0400)
Subject: Fix: out of bound strcpy
X-Git-Tag: v2.2.0-rc3~12
X-Git-Url: https://git.lttng.org/?p=lttng-tools.git;a=commitdiff_plain;h=245463865cdd6ecb616d3ad8ddb8db11b7538d71

Fix: out of bound strcpy

1019904 Copy into fixed size buffer
In add_context: A source buffer of statically unknown size is copied
into a fixed-size destination buffer (CWE-120)

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
---

diff --git a/src/bin/lttng/commands/add_context.c b/src/bin/lttng/commands/add_context.c
index 453575983..4904d2772 100644
--- a/src/bin/lttng/commands/add_context.c
+++ b/src/bin/lttng/commands/add_context.c
@@ -383,7 +383,9 @@ static int add_context(char *session_name)
 		if (context.ctx == LTTNG_EVENT_CONTEXT_PERF_COUNTER) {
 			context.u.perf_counter.type = type->opt->u.perf.type;
 			context.u.perf_counter.config = type->opt->u.perf.config;
-			strcpy(context.u.perf_counter.name, type->opt->symbol);
+			strncpy(context.u.perf_counter.name, type->opt->symbol,
+				LTTNG_SYMBOL_NAME_LEN);
+			context.u.perf_counter.name[LTTNG_SYMBOL_NAME_LEN - 1] = '\0';
 			/* Replace : and - by _ */
 			while ((ptr = strchr(context.u.perf_counter.name, '-')) != NULL) {
 				*ptr = '_';