From 7852719a86ee92a6876df4cd728029ccbef4edca Mon Sep 17 00:00:00 2001 From: Long Liu Date: Fri, 19 Apr 2019 14:27:14 +0800 Subject: [PATCH] ACRN: tool: Fix buffer overflow risk in acrnctl There will be a buffer overflow risk in delete runc functions. If the shell command function returns a length longer than or equal to the length of the buffer, executing the strstr function at that time will cause a buffer overflow issue. Setting the buffer's last byte to zero will avoid the risk. Tracked-On: #3001 Signed-off-by: Long Liu Acked-by: Like Yan --- tools/acrn-manager/acrnctl.c | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/acrn-manager/acrnctl.c b/tools/acrn-manager/acrnctl.c index 645b9b0ad..20863600b 100644 --- a/tools/acrn-manager/acrnctl.c +++ b/tools/acrn-manager/acrnctl.c @@ -455,6 +455,7 @@ static inline int del_runC(char *argv) return -1; } shell_cmd(cmd, cmd_out, sizeof(cmd_out)); + cmd_out[PATH_LEN * 2 - 1] = '\0'; if (strstr(cmd_out, argv) != NULL) { /* If the container is still running stop it by runc pause */ if (strstr(cmd_out, "stopped") == NULL) {
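
Review bot: the added terminator line in del_runC hard-codes the index as PATH_LEN * 2 - 1 while the call directly above it passes sizeof(cmd_out), so the two agree only as long as cmd_out is declared with exactly PATH_LEN * 2 bytes, and that declaration is not visible in this hunk. Writing cmd_out[sizeof(cmd_out) - 1] = '\0'; would keep the index tied to the buffer itself. The result of shell_cmd is also discarded at this call, so output that filled the buffer is silently truncated and then matched with strstr against argv and "stopped"; checking the returned length before the strstr calls would let del_runC treat a full buffer as an error instead of matching on partial output. Since the commit message attributes the problem to the length the shell command function returns, terminating the buffer inside shell_cmd would cover every caller rather than this one site.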