Definitely looks spurious to me. Chris.
From: vpp-dev-boun...@lists.fd.io [mailto:vpp-dev-boun...@lists.fd.io] On Behalf Of Jon Loeliger Sent: Wednesday, April 26, 2017 4:24 PM To: vpp-dev <vpp-dev@lists.fd.io> Subject: [vpp-dev] A Curious DHCP Hostname Terminator Choice Hi Guys, Way over in src/vnet/dhcp/dhcp_api.c, we find the function void dhcp_compl_event_callback (u32 client_index, u32 pid, u8 * hostname, u8 is_ipv6, u8 * host_address, u8 * router_address, u8 * host_mac) which contains a curious use of the newline character: mp = vl_msg_api_alloc (sizeof (*mp)); mp->client_index = client_index; mp->pid = pid; mp->is_ipv6 = is_ipv6; clib_memcpy (&mp->hostname, hostname, vec_len (hostname)); mp->hostname[vec_len (hostname) + 1] = '\n'; clib_memcpy (&mp->host_address[0], host_address, 16); clib_memcpy (&mp->router_address[0], router_address, 16); So, is that '\n' supposed to be 0 instead? Or is that value used in some odd location that requires an actual newline here? What happens if the user supplies a hostname of exactly 63 octets and this newline is added? There is at least one use of strncpy() on this hostname value, so it seems fragile to me at the fencepost. Pedantically yours, jdl
_______________________________________________ vpp-dev mailing list vpp-dev@lists.fd.io https://lists.fd.io/mailman/listinfo/vpp-dev
