From b1b3f76db9b7ee50bf0363979f91e9887837664e Mon Sep 17 00:00:00 2001
From: Jian Jun Chen <jian.jun.chen@intel.com>
Date: Sat, 29 Sep 2018 08:48:06 +0800
Subject: [PATCH] dm: virtio: use strnlen instead of strlen

Use strnlen instead of strlen to avoid potential security issue.

Tracked-On: #1364
Signed-off-by: Jian Jun Chen <jian.jun.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
---
 devicemodel/hw/pci/virtio/virtio_console.c | 3 ++-
 devicemodel/hw/pci/virtio/virtio_input.c   | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/devicemodel/hw/pci/virtio/virtio_console.c b/devicemodel/hw/pci/virtio/virtio_console.c
index 64452dcdba..62794b4273 100644
--- a/devicemodel/hw/pci/virtio/virtio_console.c
+++ b/devicemodel/hw/pci/virtio/virtio_console.c
@@ -40,6 +40,7 @@
 #include <assert.h>
 #include <pthread.h>
 #include <termios.h>
+#include <limits.h>
 
 #include "dm.h"
 #include "pci_core.h"
@@ -326,7 +327,7 @@ virtio_console_announce_port(struct virtio_console_port *port)
 
 	event.event = VIRTIO_CONSOLE_PORT_NAME;
 	virtio_console_control_send(port->console, &event, port->name,
-	    strlen(port->name));
+	    strnlen(port->name, NAME_MAX));
 }
 
 static void
diff --git a/devicemodel/hw/pci/virtio/virtio_input.c b/devicemodel/hw/pci/virtio/virtio_input.c
index f0579292b4..47b289430d 100644
--- a/devicemodel/hw/pci/virtio/virtio_input.c
+++ b/devicemodel/hw/pci/virtio/virtio_input.c
@@ -470,7 +470,8 @@ virtio_input_get_config(struct virtio_input *vi, uint8_t select,
 			cfg->u.string);
 		if (rc >= 0) {
 			cfg->select = VIRTIO_INPUT_CFG_ID_NAME;
-			cfg->size = strlen(cfg->u.string);
+			cfg->size = strnlen(cfg->u.string,
+				sizeof(cfg->u.string));
 			found = true;
 		}
 		break;