PEL: Change asprintf call to snprintf

A static analysis security scanner (HCL AppScan SAST) flagged the
asprintf call as a vulnerability because the format string is passed in.

While really it isn't an issue because the format string is always
hardcoded in the calling function and isn't input by a user, this commit
changes it anyway to get it off the list.

Use snprintf instead.  While it still takes a passed in format string, a
hardcoded maximum length is used so that the scanner shouldn't flag it
as a possible buffer overrun.

Signed-off-by: Matt Spinler <spinler@us.ibm.com>
Change-Id: Ife309b63470536940ac88c27d13fe73716096326
diff --git a/extensions/openpower-pels/json_utils.hpp b/extensions/openpower-pels/json_utils.hpp
index 2065952..c972459 100644
--- a/extensions/openpower-pels/json_utils.hpp
+++ b/extensions/openpower-pels/json_utils.hpp
@@ -2,6 +2,7 @@
 
 #include <ctype.h>
 #include <stdio.h>
+#include <string.h>
 
 #include <cstdint>
 #include <fstream>
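Review bot: The added `#include <string.h>` does not appear to be needed by anything in this change. `snprintf` is declared in `<stdio.h>`, which is already included two lines above, and none of the visible hunks call a `string.h` function. Suggest dropping the include, or saying in the commit message what it is for.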
@@ -67,12 +68,13 @@
 template <typename T>
 std::string getNumberString(const char* format, T number)
 {
-    char* value = nullptr;
+    constexpr size_t valueSize = 100;
+    char value[valueSize];
     std::string numString;
 
     static_assert(std::is_integral<T>::value, "Integral required.");
 
-    int len = asprintf(&value, format, number);
+    int len = snprintf(value, valueSize, format, number);
     if (len >= 0)
     {
         numString = value;
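Review bot: The `if (len >= 0)` check after the new `snprintf` call does not detect truncation. `snprintf` returns the length the full output would have had, so a return value of `valueSize` or more means `value` holds a cut-off string, which is then copied into `numString` as if it were complete. `asprintf` sized the buffer to fit, so this failure mode is new with the fixed 100-byte array. Since `format` still comes from the caller, suggest treating it as an error, for example `if (len >= 0 && static_cast<size_t>(len) < valueSize)`, and letting the existing throw handle the other case.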
@@ -82,7 +84,6 @@
         throw std::invalid_argument(
             std::string("getNumberString: invalid format string: ") + format);
     }
-    free(value);
 
     return numString;
 }