bgpd, zebra: remove strcpy, strlen and sprintf calls

Replace with safe copy functions - strlcpy, strlcat, strnlen and
snprintf.

Signed-off-by: Anuradha Karuppiah <anuradhak@cumulusnetworks.com>

diff --git a/bgpd/bgp_evpn_mh.c b/bgpd/bgp_evpn_mh.c
index 6d24535cbdff316e51df06804b34ea277392df80..eb65c43bb9b72bc0b64f8ffe21764a10e91664cc 100644 (file)
--- a/bgpd/bgp_evpn_mh.c
+++ b/bgpd/bgp_evpn_mh.c
@@ -1342,7 +1342,8 @@ static void bgp_evpn_es_local_info_set(struct bgp *bgp, struct bgp_evpn_es *es)
        bf_assign_index(bm->rd_idspace, es->rd_id);
        es->prd.family = AF_UNSPEC;
        es->prd.prefixlen = 64;
-       sprintf(buf, "%s:%hu", inet_ntoa(bgp->router_id), es->rd_id);
+       snprintf(buf, sizeof(buf), "%s:%hu", inet_ntoa(bgp->router_id),
+                es->rd_id);
        (void)str2prefix_rd(buf, &es->prd);
 }
 
@@ -1551,7 +1552,8 @@ int bgp_evpn_local_es_add(struct bgp *bgp, esi_t *esi,
        return 0;
 }
 
-static char *bgp_evpn_es_vteps_str(char *vtep_str, struct bgp_evpn_es *es)
+static char *bgp_evpn_es_vteps_str(char *vtep_str, struct bgp_evpn_es *es,
+                                  uint8_t vtep_str_size)
 {
        char vtep_flag_str[BGP_EVPN_FLAG_STR_SZ];
        struct listnode *node;
@@ -1562,22 +1564,20 @@ static char *bgp_evpn_es_vteps_str(char *vtep_str, struct bgp_evpn_es *es)
        for (ALL_LIST_ELEMENTS_RO(es->es_vtep_list, node, es_vtep)) {
                vtep_flag_str[0] = '\0';
                if (es_vtep->flags & BGP_EVPNES_VTEP_ESR)
-                       strcpy(vtep_flag_str + strlen(vtep_flag_str), "E");
+                       strlcat(vtep_flag_str, "E", sizeof(vtep_flag_str));
                if (es_vtep->flags & BGP_EVPNES_VTEP_ACTIVE)
-                       strcpy(vtep_flag_str + strlen(vtep_flag_str), "A");
+                       strlcat(vtep_flag_str, "A", sizeof(vtep_flag_str));
 
                if (!strlen(vtep_flag_str))
-                       strcpy(vtep_flag_str, "-");
-               if (first) {
+                       strlcat(vtep_flag_str, "-", sizeof(vtep_flag_str));
+               if (first)
                        first = false;
-                       sprintf(vtep_str + strlen(vtep_str), "%s(%s)",
-                                       inet_ntoa(es_vtep->vtep_ip),
-                                       vtep_flag_str);
-               } else {
-                       sprintf(vtep_str + strlen(vtep_str), ",%s(%s)",
-                                       inet_ntoa(es_vtep->vtep_ip),
-                                       vtep_flag_str);
-               }
+               else
+                       strlcat(vtep_str, ",", vtep_str_size);
+               strlcat(vtep_str, inet_ntoa(es_vtep->vtep_ip), vtep_str_size);
+               strlcat(vtep_str, "(", vtep_str_size);
+               strlcat(vtep_str, vtep_flag_str, vtep_str_size);
+               strlcat(vtep_str, ")", vtep_str_size);
        }
 
        return vtep_str;
@@ -1653,18 +1653,18 @@ static void bgp_evpn_es_show_entry(struct vty *vty,
 
                type_str[0] = '\0';
                if (es->flags & BGP_EVPNES_LOCAL)
-                       strcpy(type_str + strlen(type_str), "L");
+                       strlcat(type_str, "L", sizeof(type_str));
                if (es->flags & BGP_EVPNES_REMOTE)
-                       strcpy(type_str + strlen(type_str), "R");
+                       strlcat(type_str, "R", sizeof(type_str));
                if (es->inconsistencies)
-                       strcpy(type_str + strlen(type_str), "I");
+                       strlcat(type_str, "I", sizeof(type_str));
 
-               bgp_evpn_es_vteps_str(vtep_str, es);
+               bgp_evpn_es_vteps_str(vtep_str, es, sizeof(vtep_str));
 
                if (es->flags & BGP_EVPNES_LOCAL)
                        prefix_rd2str(&es->prd, buf1, sizeof(buf1));
                else
-                       strcpy(buf1, "-");
+                       strlcpy(buf1, "-", sizeof(buf1));
 
                vty_out(vty, "%-30s %-5s %-21s %-8d %s\n",
                                es->esi_str, type_str, buf1,
@@ -1712,18 +1712,18 @@ static void bgp_evpn_es_show_entry_detail(struct vty *vty,
 
                type_str[0] = '\0';
                if (es->flags & BGP_EVPNES_LOCAL)
-                       strcpy(type_str + strlen(type_str), "L");
+                       strlcat(type_str, "L", sizeof(type_str));
                if (es->flags & BGP_EVPNES_REMOTE)
-                       strcpy(type_str + strlen(type_str), "R");
+                       strlcat(type_str, "R", sizeof(type_str));
 
-               bgp_evpn_es_vteps_str(vtep_str, es);
+               bgp_evpn_es_vteps_str(vtep_str, es, sizeof(vtep_str));
                if (!strlen(vtep_str))
-                       strcpy(vtep_str, "-");
+                       strlcpy(buf1, "-", sizeof(buf1));
 
                if (es->flags & BGP_EVPNES_LOCAL)
                        prefix_rd2str(&es->prd, buf1, sizeof(buf1));
                else
-                       strcpy(buf1, "-");
+                       strlcpy(buf1, "-", sizeof(buf1));
 
                vty_out(vty, "ESI: %s\n", es->esi_str);
                vty_out(vty, " Type: %s\n", type_str);
@@ -1738,10 +1738,10 @@ static void bgp_evpn_es_show_entry_detail(struct vty *vty,
                if (es->inconsistencies) {
                        incons_str[0] = '\0';
                        if (es->inconsistencies & BGP_EVPNES_INCONS_VTEP_LIST)
-                               strcpy(incons_str + strlen(incons_str),
-                                               "vni-vtep-mismatch");
+                               strlcat(incons_str, "vni-vtep-mismatch",
+                                       sizeof(incons_str));
                } else {
-                       strcpy(incons_str, "-");
+                       strlcpy(incons_str, "-", sizeof(incons_str));
                }
                vty_out(vty, " Inconsistencies: %s\n",
                                incons_str);
@@ -2387,7 +2387,8 @@ void bgp_evpn_vni_es_cleanup(struct bgpevpn *vpn)
 }
 
 static char *bgp_evpn_es_evi_vteps_str(char *vtep_str,
-               struct bgp_evpn_es_evi *es_evi)
+                                      struct bgp_evpn_es_evi *es_evi,
+                                      uint8_t vtep_str_size)
 {
        char vtep_flag_str[BGP_EVPN_FLAG_STR_SZ];
        struct listnode *node;
@@ -2398,22 +2399,20 @@ static char *bgp_evpn_es_evi_vteps_str(char *vtep_str,
        for (ALL_LIST_ELEMENTS_RO(es_evi->es_evi_vtep_list, node, evi_vtep)) {
                vtep_flag_str[0] = '\0';
                if (evi_vtep->flags & BGP_EVPN_EVI_VTEP_EAD_PER_ES)
-                       strcpy(vtep_flag_str + strlen(vtep_flag_str), "E");
+                       strlcat(vtep_flag_str, "E", sizeof(vtep_flag_str));
                if (evi_vtep->flags & BGP_EVPN_EVI_VTEP_EAD_PER_EVI)
-                       strcpy(vtep_flag_str + strlen(vtep_flag_str), "V");
+                       strlcat(vtep_flag_str, "V", sizeof(vtep_flag_str));
 
-               if (!strlen(vtep_flag_str))
-                       strcpy(vtep_flag_str, "-");
-               if (first) {
+               if (!strnlen(vtep_flag_str, sizeof(vtep_flag_str)))
+                       strlcpy(vtep_flag_str, "-", sizeof(vtep_flag_str));
+               if (first)
                        first = false;
-                       sprintf(vtep_str + strlen(vtep_str), "%s(%s)",
-                                       inet_ntoa(evi_vtep->vtep_ip),
-                                       vtep_flag_str);
-               } else {
-                       sprintf(vtep_str + strlen(vtep_str), ",%s(%s)",
-                                       inet_ntoa(evi_vtep->vtep_ip),
-                                       vtep_flag_str);
-               }
+               else
+                       strlcat(vtep_str, ",", vtep_str_size);
+               strlcat(vtep_str, inet_ntoa(evi_vtep->vtep_ip), vtep_str_size);
+               strlcat(vtep_str, "(", vtep_str_size);
+               strlcat(vtep_str, vtep_flag_str, vtep_str_size);
+               strlcat(vtep_str, ")", vtep_str_size);
        }
 
        return vtep_str;
@@ -2483,13 +2482,13 @@ static void bgp_evpn_es_evi_show_entry(struct vty *vty,
 
                type_str[0] = '\0';
                if (es_evi->flags & BGP_EVPNES_EVI_LOCAL)
-                       strcpy(type_str + strlen(type_str), "L");
+                       strlcat(type_str, "L", sizeof(type_str));
                if (es_evi->flags & BGP_EVPNES_EVI_REMOTE)
-                       strcpy(type_str + strlen(type_str), "R");
+                       strlcat(type_str, "R", sizeof(type_str));
                if (es_evi->flags & BGP_EVPNES_EVI_INCONS_VTEP_LIST)
-                       strcpy(type_str + strlen(type_str), "I");
+                       strlcat(type_str, "I", sizeof(type_str));
 
-               bgp_evpn_es_evi_vteps_str(vtep_str, es_evi);
+               bgp_evpn_es_evi_vteps_str(vtep_str, es_evi, sizeof(vtep_str));
 
                vty_out(vty, "%-8d %-30s %-5s %s\n",
                                es_evi->vpn->vni, es_evi->es->esi_str,
@@ -2516,13 +2515,13 @@ static void bgp_evpn_es_evi_show_entry_detail(struct vty *vty,
 
                type_str[0] = '\0';
                if (es_evi->flags & BGP_EVPNES_EVI_LOCAL)
-                       strcpy(type_str + strlen(type_str), "L");
+                       strlcat(type_str, "L", sizeof(type_str));
                if (es_evi->flags & BGP_EVPNES_EVI_REMOTE)
-                       strcpy(type_str + strlen(type_str), "R");
+                       strlcat(type_str, "R", sizeof(type_str));
 
-               bgp_evpn_es_evi_vteps_str(vtep_str, es_evi);
+               bgp_evpn_es_evi_vteps_str(vtep_str, es_evi, sizeof(vtep_str));
                if (!strlen(vtep_str))
-                       strcpy(vtep_str, "-");
+                       strlcpy(vtep_str, "-", sizeof(type_str));
 
                vty_out(vty, "VNI: %d ESI: %s\n",
                                es_evi->vpn->vni, es_evi->es->esi_str);

diff --git a/zebra/rt_netlink.c b/zebra/rt_netlink.c
index 61d1212e043900690fe19f8ff4aa26b733af819c..4daef42d7ad1a4de0195299d2b6740b457e87997 100644 (file)
--- a/zebra/rt_netlink.c
+++ b/zebra/rt_netlink.c
@@ -3989,11 +3989,13 @@ static int netlink_fdb_nhg_update(uint32_t nhg_id, uint32_t nh_cnt,
 
        if (IS_ZEBRA_DEBUG_KERNEL || IS_ZEBRA_DEBUG_EVPN_MH_NH) {
                char vtep_str[ES_VTEP_LIST_STR_SZ];
+               char nh_buf[16];
 
                vtep_str[0] = '\0';
                for (i = 0; i < nh_cnt; ++i) {
-                       sprintf(vtep_str + strlen(vtep_str), "0x%x ",
+                       snprintf(nh_buf, sizeof(nh_buf), "%u ",
                                        grp[i].id);
+                       strlcat(vtep_str, nh_buf, sizeof(vtep_str));
                }
 
                zlog_debug("Tx %s fdb-nhg 0x%x %s",

diff --git a/zebra/zebra_evpn_mh.c b/zebra/zebra_evpn_mh.c
index 435e11021244bcf24129cd4f9da3bb14e0062220..fae36ec6fac7cbe28d2e325dc76f4b6c412314f1 100644 (file)
--- a/zebra/zebra_evpn_mh.c
+++ b/zebra/zebra_evpn_mh.c
@@ -260,7 +260,7 @@ static void zebra_evpn_es_evi_show_entry(struct vty *vty,
        } else {
                type_str[0] = '\0';
                if (es_evi->flags & ZEBRA_EVPNES_EVI_LOCAL)
-                       strcpy(type_str + strlen(type_str), "L");
+                       strlcat(type_str, "L", sizeof(type_str));
 
                vty_out(vty, "%-8d %-30s %-4s\n",
                                es_evi->zvni->vni, es_evi->es->esi_str,
@@ -278,7 +278,7 @@ static void zebra_evpn_es_evi_show_entry_detail(struct vty *vty,
        } else {
                type_str[0] = '\0';
                if (es_evi->flags & ZEBRA_EVPNES_EVI_LOCAL)
-                       strcpy(type_str + strlen(type_str), "L");
+                       strlcat(type_str, "L", sizeof(type_str));
 
                vty_out(vty, "VNI %d ESI: %s\n",
                                es_evi->zvni->vni, es_evi->es->esi_str);
@@ -877,11 +877,14 @@ static void zebra_evpn_nhg_update(struct zebra_evpn_es *es)
                if (IS_ZEBRA_DEBUG_EVPN_MH_NH) {
                        char nh_str[ES_VTEP_LIST_STR_SZ];
                        uint32_t i;
+                       char nh_buf[16];
 
                        nh_str[0] = '\0';
-                       for (i = 0; i < nh_cnt; ++i)
-                               sprintf(nh_str + strlen(nh_str),
-                                               "0x%x ", nh_ids[i].id);
+                       for (i = 0; i < nh_cnt; ++i) {
+                               snprintf(nh_buf, sizeof(nh_buf), "%u ",
+                                        nh_ids[i].id);
+                               strlcat(nh_str, nh_buf, sizeof(nh_str));
+                       }
                        zlog_debug("es %s nhg 0x%x add %s",
                                        es->esi_str, es->nhg_id, nh_str);
                }
@@ -1729,8 +1732,8 @@ void zebra_evpn_es_if_oper_state_change(struct zebra_if *zif, bool up)
                zebra_evpn_es_send_add_to_client(es);
 }
 
-static char *zebra_evpn_es_vtep_str(char *vtep_str,
-               struct zebra_evpn_es *es)
+static char *zebra_evpn_es_vtep_str(char *vtep_str, struct zebra_evpn_es *es,
+                                   uint8_t vtep_str_size)
 {
        struct zebra_evpn_es_vtep *zvtep;
        struct listnode *node;
@@ -1740,11 +1743,12 @@ static char *zebra_evpn_es_vtep_str(char *vtep_str,
        for (ALL_LIST_ELEMENTS_RO(es->es_vtep_list, node, zvtep)) {
                if (first) {
                        first = false;
-                       sprintf(vtep_str + strlen(vtep_str), "%s",
-                                       inet_ntoa(zvtep->vtep_ip));
+                       strlcat(vtep_str, inet_ntoa(zvtep->vtep_ip),
+                               vtep_str_size);
                } else {
-                       sprintf(vtep_str + strlen(vtep_str), ",%s",
-                                       inet_ntoa(zvtep->vtep_ip));
+                       strlcat(vtep_str, ",", vtep_str_size);
+                       strlcat(vtep_str, inet_ntoa(zvtep->vtep_ip),
+                               vtep_str_size);
                }
        }
        return vtep_str;
@@ -1761,11 +1765,11 @@ static void zebra_evpn_es_show_entry(struct vty *vty,
        } else {
                type_str[0] = '\0';
                if (es->flags & ZEBRA_EVPNES_LOCAL)
-                       strcpy(type_str + strlen(type_str), "L");
+                       strlcat(type_str, "L", sizeof(type_str));
                if (es->flags & ZEBRA_EVPNES_REMOTE)
-                       strcpy(type_str + strlen(type_str), "R");
+                       strlcat(type_str, "R", sizeof(type_str));
 
-               zebra_evpn_es_vtep_str(vtep_str, es);
+               zebra_evpn_es_vtep_str(vtep_str, es, sizeof(vtep_str));
 
                vty_out(vty, "%-30s %-4s %-21s %s\n",
                                es->esi_str, type_str,
@@ -1786,11 +1790,11 @@ static void zebra_evpn_es_show_entry_detail(struct vty *vty,
        } else {
                type_str[0] = '\0';
                if (es->flags & ZEBRA_EVPNES_LOCAL)
-                       strcpy(type_str + strlen(type_str), "Local");
+                       strlcat(type_str, "Local", sizeof(type_str));
                if (es->flags & ZEBRA_EVPNES_REMOTE) {
-                       if (strlen(type_str))
-                               strcpy(type_str + strlen(type_str), ",");
-                       strcpy(type_str + strlen(type_str), "Remote");
+                       if (strnlen(type_str, sizeof(type_str)))
+                               strlcat(type_str, ",", sizeof(type_str));
+                       strlcat(type_str, "Remote", sizeof(type_str));
                }
 
                vty_out(vty, "ESI: %s\n", es->esi_str);

diff --git a/zebra/zebra_vxlan.c b/zebra/zebra_vxlan.c
index 5f6c94c323622770f00671315e7e39932aa013b2..0154cda0c59c7661acc164fd262065525ab03c58 100644 (file)
--- a/zebra/zebra_vxlan.c
+++ b/zebra/zebra_vxlan.c
@@ -893,9 +893,10 @@ static void zvni_print_neigh_hdr(struct vty *vty,
                "State", "MAC", "Remote ES/VTEP", "Seq #'s");
 }
 
-static char *zvni_print_neigh_flags(zebra_neigh_t *n, char *flags_buf)
+static char *zvni_print_neigh_flags(zebra_neigh_t *n, char *flags_buf,
+               uint32_t flags_buf_sz)
 {
-       sprintf(flags_buf, "%s%s%s",
+       snprintf(flags_buf, flags_buf_sz, "%s%s%s",
                        (n->flags & ZEBRA_NEIGH_ES_PEER_ACTIVE) ?
                        "P" : "",
                        (n->flags & ZEBRA_NEIGH_ES_PEER_PROXY) ?
@@ -937,8 +938,9 @@ static void zvni_print_neigh_hash(struct hash_bucket *bucket, void *ctxt)
                if (json_vni == NULL) {
                        vty_out(vty, "%*s %-6s %-5s %-8s %-17s %-30s %u/%u\n",
                                -wctx->addr_width, buf2, "local",
-                               zvni_print_neigh_flags(n, flags_buf),
-                               state_str, buf1, "", n->loc_seq, n->rem_seq);
+                               zvni_print_neigh_flags(n, flags_buf,
+                                       sizeof(flags_buf)), state_str,
+                               buf1, "", n->loc_seq, n->rem_seq);
                } else {
                        json_object_string_add(json_row, "type", "local");
                        json_object_string_add(json_row, "state", state_str);
@@ -971,7 +973,8 @@ static void zvni_print_neigh_hash(struct hash_bucket *bucket, void *ctxt)
                                zvni_print_neigh_hdr(vty, wctx);
                        vty_out(vty, "%*s %-6s %-5s %-8s %-17s %-30s %u/%u\n",
                                -wctx->addr_width, buf2, "remote",
-                               zvni_print_neigh_flags(n, flags_buf),
+                               zvni_print_neigh_flags(n, flags_buf,
+                                       sizeof(flags_buf)),
                                state_str, buf1,
                                n->mac->es ? n->mac->es->esi_str :
                                inet_ntoa(n->r_vtep_ip),
@@ -1504,9 +1507,10 @@ static void zvni_print_mac(zebra_mac_t *mac, void *ctxt, json_object *json)
        }
 }
 
-static char *zvni_print_mac_flags(zebra_mac_t *mac, char *flags_buf)
+static char *zvni_print_mac_flags(zebra_mac_t *mac, char *flags_buf,
+       uint32_t flags_buf_sz)
 {
-       sprintf(flags_buf, "%s%s%s%s",
+       snprintf(flags_buf, flags_buf_sz, "%s%s%s%s",
                        mac->sync_neigh_cnt ?
                        "N" : "",
                        (mac->flags & ZEBRA_MAC_ES_PEER_ACTIVE) ?
@@ -1551,7 +1555,8 @@ static void zvni_print_mac_hash(struct hash_bucket *bucket, void *ctxt)
                                &ifp, &vid);
                if (json_mac_hdr == NULL) {
                        vty_out(vty, "%-17s %-6s %-5s %-30s", buf1, "local",
-                                       zvni_print_mac_flags(mac, flags_buf),
+                                       zvni_print_mac_flags(mac, flags_buf,
+                                               sizeof(flags_buf)),
                                        ifp ? ifp->name : "-");
                } else {
                        json_object_string_add(json_mac, "type", "local");
@@ -1606,7 +1611,8 @@ static void zvni_print_mac_hash(struct hash_bucket *bucket, void *ctxt)
                        }
                        vty_out(vty, "%-17s %-6s %-5s %-30s %-5s %u/%u\n", buf1,
                                "remote",
-                               zvni_print_mac_flags(mac, flags_buf),
+                               zvni_print_mac_flags(mac, flags_buf,
+                                       sizeof(flags_buf)),
                                mac->es ?  mac->es->esi_str :
                                inet_ntoa(mac->fwd_info.r_vtep_ip),
                                "", mac->loc_seq, mac->rem_seq);
@@ -9472,7 +9478,7 @@ void zebra_vxlan_remote_macip_add(ZAPI_HANDLER_ARGS)
                        if (memcmp(&esi, zero_esi, sizeof(esi_t)))
                                esi_to_str(&esi, esi_buf, sizeof(esi_buf));
                        else
-                               strcpy(esi_buf, "-");
+                               strlcpy(esi_buf, "-", ESI_STR_LEN);
                        zlog_debug(
                                "Recv %sMACIP ADD VNI %u MAC %s%s%s flags 0x%x seq %u VTEP %s ESI %s from %s",
                                (flags & ZEBRA_MACIP_TYPE_SYNC_PATH) ?