static analysis reports "Buffer not null terminated" issues in stx-nfv
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| StarlingX |
Fix Released
|
High
|
Ran An | ||
Bug Description
Brief Description
-----------------
in some files, it use 'sncpy()' function which can not guarantee null termination of the string. This will lead a further security issue: "If the buffer is treated as a null terminated string in later operations, a buffer overflow or over-read may occur."
Severity
--------
Major
Steps to Reproduce
------------------
use function 'snprintf()' instead of 'sncpy()'
Expected Behavior
------------------
static analysis do not report this issue
Actual Behavior
----------------
static analysis report this issue
Reproducibility
---------------
Reproducible
System Configuration
-------
all
Static Analysis Reports
-------
Buffer not null terminated
If the buffer is treated as a null terminated string in later operations, a buffer overflow or over-read may occur.
host_instance_
buffer_
similar cases at host_instance_
| Changed in starlingx: | |
| assignee: | nobody → Ran An (an.ran) |
| tags: | added: stx.security |
| Changed in starlingx: | |
| status: | New → Triaged |
| importance: | Undecided → High |
| Bruce Jones (brucej) wrote | #1 |
| description: | updated |
| description: | updated |
| tags: | added: stx.2019.03 |
| Ran An (an.ran) wrote | #2 |
| Changed in starlingx: | |
| status: | Triaged → Fix Released |
| information type: | Private Security → Public Security |
| tags: |
added: stx.2019.05 removed: stx.2019.03 |
| tags: |
added: stx.2.0 removed: stx.2019.05 |
Please update this bug with specific file and line number information for the static analysis issue. Make sure the bug has enough information for someone to find the problem in the code without access to the tool or the report.