Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

solving out of boundaries vulnerability #3464

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

solving out of boundaries vulnerability #3464

wants to merge 2 commits into from

Conversation

marwanelmessiry
Copy link

What I did
replaced strcpy with strncpy and added last element of the string to be null
Why I did it
to ensure that the string will not get out of boundaries and to ensure last element of the string will be null
How I verified it
by using scurity tool (checkmarx) as it give it to me as vulnerability and by these edits vulnerability was solved

@mssonicbld
Copy link
Collaborator

/azp run

@azure-pipelines Azure Pipelines
Copy link

Azure Pipelines successfully started running 1 pipeline(s).

prsunny
prsunny approved these changes Jan 13, 2025
View reviewed changes
Copy link
Collaborator

@prsunny prsunny left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm. @dgsudharsan , please review

@mssonicbld
Copy link
Collaborator

/azp run

@azure-pipelines Azure Pipelines
Copy link

Azure Pipelines successfully started running 1 pipeline(s).

prsunny
prsunny reviewed Jan 14, 2025
View reviewed changes
fpmsyncd/routesync.cpp
}


Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

please remove extra line

fpmsyncd/routesync.cpp
@@ -2150,11 +2150,15 @@ string RouteSync::getNextHopIf(struct rtnl_route *route_obj)
char if_name[IFNAMSIZ] = "0";

/* If we cannot get the interface name */
if (!getIfName(if_index, if_name, IFNAMSIZ))
if (!getIfName(if_index, if_name, IFNAMSIZ))
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fix alignment

@prsunny prsunny self-requested a review January 15, 2025 18:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dgsudharsan dgsudharsan dgsudharsan approved these changes

@prsunny prsunny Awaiting requested review from prsunny prsunny is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@marwanelmessiry @mssonicbld @dgsudharsan @prsunny