From: Mathieu Desnoyers Date: Tue, 17 May 2016 01:42:56 +0000 (-0400) Subject: Fix: illegal memory access in relayd_create_session_2_4 X-Git-Tag: v2.7.3~52 X-Git-Url: https://git.lttng.org./?a=commitdiff_plain;h=8bad91a9758fc5454a501d490c2e7560a5a76b46;p=lttng-tools.git Fix: illegal memory access in relayd_create_session_2_4 Found by Coverity: CID 1243024 (#1 of 2): Buffer not null terminated (BUFFER_SIZE_WARNING)2. buffer_size_warning: Calling strncpy with a maximum size argument of 255 bytes on destination array msg.session_name of size 255 bytes might leave the destination string unterminated. CID 1243024 (#2 of 2): Buffer not null terminated (BUFFER_SIZE_WARNING)3. buffer_size_warning: Calling strncpy with a maximum size argument of 64 bytes on destination array msg.hostname of size 64 bytes might leave the destination string unterminated. Signed-off-by: Mathieu Desnoyers Signed-off-by: Jérémie Galarneau --- diff --git a/src/common/relayd/relayd.c b/src/common/relayd/relayd.c index 47db4081a..8f4f07a20 100644 --- a/src/common/relayd/relayd.c +++ b/src/common/relayd/relayd.c @@ -130,8 +130,15 @@ static int relayd_create_session_2_4(struct lttcomm_relayd_sock *rsock, int ret; struct lttcomm_relayd_create_session_2_4 msg; - strncpy(msg.session_name, session_name, sizeof(msg.session_name)); - strncpy(msg.hostname, hostname, sizeof(msg.hostname)); + if (lttng_strncpy(msg.session_name, session_name, + sizeof(msg.session_name))) { + ret = -1; + goto error; + } + if (lttng_strncpy(msg.hostname, hostname, sizeof(msg.hostname))) { + ret = -1; + goto error; + } msg.live_timer = htobe32(session_live_timer); msg.snapshot = htobe32(snapshot);