[U-Boot] [PATCH] test/dm: Fix string handling issues in the eth test

Tue Sep 26 18:08:30 UTC 2017

Coverity scan has identified potential buffer overruns in these tests.
Correct this by zeroing our buffer and using strncpy not strcpy.

Reported-by: Coverity (CID: 155462, 155463)
Cc: Joe Hershberger <joe.hershberger at ni.com>
Cc: Simon Glass <sjg at chromium.org>
Cc: Bin Meng <bmeng.cn at gmail.com>
Signed-off-by: Tom Rini <trini at konsulko.com>
---
 test/dm/eth.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/test/dm/eth.c b/test/dm/eth.c
index 122fab924d6a..67fd660ee4f5 100644
--- a/test/dm/eth.c
+++ b/test/dm/eth.c
@@ -110,6 +110,7 @@ static int dm_test_eth_act(struct unit_test_state *uts)
 	char ethaddr[DM_TEST_ETH_NUM][18];
 	int i;
 
+	memset(ethaddr, '\0', sizeof(ethaddr));
 	net_ping_ip = string_to_ip("1.1.2.2");
 
 	/* Prepare the test scenario */
@@ -119,7 +120,7 @@ static int dm_test_eth_act(struct unit_test_state *uts)
 		ut_assertok(device_remove(dev[i], DM_REMOVE_NORMAL));
 
 		/* Invalidate MAC address */
-		strcpy(ethaddr[i], env_get(addrname[i]));
+		strncpy(ethaddr[i], env_get(addrname[i]), 17);
 		/* Must disable access protection for ethaddr before clearing */
 		env_set(".flags", addrname[i]);
 		env_set(addrname[i], NULL);
@@ -187,7 +188,8 @@ static int dm_test_eth_rotate(struct unit_test_state *uts)
 	net_ping_ip = string_to_ip("1.1.2.2");
 
 	/* Invalidate eth1's MAC address */
-	strcpy(ethaddr, env_get("eth1addr"));
+	memset(ethaddr, '\0', sizeof(ethaddr));
+	strncpy(ethaddr, env_get("eth1addr"), 17);
 	/* Must disable access protection for eth1addr before clearing */
 	env_set(".flags", "eth1addr");
 	env_set("eth1addr", NULL);
@@ -200,7 +202,7 @@ static int dm_test_eth_rotate(struct unit_test_state *uts)
 
 	if (!retval) {
 		/* Invalidate eth0's MAC address */
-		strcpy(ethaddr, env_get("ethaddr"));
+		strncpy(ethaddr, env_get("ethaddr"), 17);
 		/* Must disable access protection for ethaddr before clearing */
 		env_set(".flags", "ethaddr");
 		env_set("ethaddr", NULL);
-- 
1.9.1

