From e9b6ea3bdc25d4ed6e961fc71a6254dd20a956e2 Mon Sep 17 00:00:00 2001 From: Luca Guerra Date: Thu, 19 Oct 2023 07:36:14 +0000 Subject: [PATCH 1/3] update(engine): remove banned.h Signed-off-by: Luca Guerra --- userspace/engine/banned.h | 48 ---------------------- userspace/engine/evttype_index_ruleset.cpp | 1 - userspace/engine/falco_engine.cpp | 1 - userspace/engine/falco_utils.cpp | 1 - userspace/engine/formats.cpp | 1 - userspace/engine/json_evt.cpp | 1 - userspace/falco/configuration.cpp | 1 - userspace/falco/event_drops.cpp | 1 - userspace/falco/falco.cpp | 1 - userspace/falco/falco_outputs.cpp | 2 - userspace/falco/grpc_context.cpp | 1 - userspace/falco/grpc_server.cpp | 1 - userspace/falco/grpc_server_impl.cpp | 1 - userspace/falco/logger.cpp | 1 - userspace/falco/outputs_file.cpp | 1 - userspace/falco/outputs_grpc.cpp | 1 - userspace/falco/outputs_http.cpp | 1 - userspace/falco/outputs_program.cpp | 1 - userspace/falco/outputs_stdout.cpp | 1 - userspace/falco/outputs_syslog.cpp | 1 - userspace/falco/stats_writer.cpp | 1 - 21 files changed, 69 deletions(-) delete mode 100644 userspace/engine/banned.h
diff --git a/userspace/engine/banned.h b/userspace/engine/banned.h
deleted file mode 100644
index 31ee57a83ef..00000000000
--- a/userspace/engine/banned.h
+++ /dev/null
@@ -1,48 +0,0 @@
-// SPDX-License-Identifier: Apache-2.0
-/*
-Copyright (C) 2023 The Falco Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-#pragma once
-
-// BAN macro defines `function` as an invalid token that says using
-// the function is banned. This throws a compile time error when the
-// function is used.
-#define BAN(function) using_##function##_is_banned
-
-// BAN_ALTERNATIVE is same as BAN but the message also provides an alternative
-// function that the user could use instead of the banned function.
-#define BAN_ALTERNATIVE(function, alternative) using_##function##_is_banned__use_##alternative##_instead
-
-#undef strcpy
-#define strcpy(a, b) BAN(strcpy)
-
-#undef vsprintf
-#define vsprintf(a, b, c) BAN_ALTERNATIVE(vsprintf, vsnprintf)
-
-#undef sprintf
-#define sprintf(a, b, ...) BAN_ALTERNATIVE(sprintf, snprintf)
-
-#undef strcat
-#define strcat(a, b) BAN(strcat)
-
-#undef strncpy
-#define strncpy(a, b, c) BAN(strncpy)
-
-#undef swprintf
-#define swprintf(a, b, c, ...) BAN_ALTERNATIVE(swprintf, snprintf)
-
-#undef vswprintf
-#define vswprintf(a, b, c, d) BAN_ALTERNATIVE(vswprintf, vsnprintf)
diff --git a/userspace/engine/evttype_index_ruleset.cpp b/userspace/engine/evttype_index_ruleset.cpp
index 4a4311973e3..c67ea08e234 100644
--- a/userspace/engine/evttype_index_ruleset.cpp
+++ b/userspace/engine/evttype_index_ruleset.cpp
@@ -16,7 +16,6 @@ limitations under the License. */ #include "evttype_index_ruleset.h" -#include "banned.h" // This raises a compilation error when certain functions are used #include diff --git a/userspace/engine/falco_engine.cpp b/userspace/engine/falco_engine.cpp index 422d8664843..2c5e5df7873 100644 --- a/userspace/engine/falco_engine.cpp +++ b/userspace/engine/falco_engine.cpp @@ -44,7 +44,6 @@ limitations under the License. #include "formats.h" #include "utils.h" -#include "banned.h" // This raises a compilation error when certain functions are used #include "evttype_index_ruleset.h" const std::string falco_engine::s_default_ruleset = "falco-default-ruleset"; diff --git a/userspace/engine/falco_utils.cpp b/userspace/engine/falco_utils.cpp index 90effe1426b..a52cf5918ea 100644 --- a/userspace/engine/falco_utils.cpp +++ b/userspace/engine/falco_utils.cpp @@ -22,7 +22,6 @@ limitations under the License. #include "falco_utils.h" #include "utils.h" -#include "banned.h" // This raises a compilation error when certain functions are used #include diff --git a/userspace/engine/formats.cpp b/userspace/engine/formats.cpp index 90877f60e67..106a58b7665 100644 --- a/userspace/engine/formats.cpp +++ b/userspace/engine/formats.cpp @@ -19,7 +19,6 @@ limitations under the License. #include "formats.h" #include "falco_engine.h" -#include "banned.h" // This raises a compilation error when certain functions are used falco_formats::falco_formats(std::shared_ptr engine, bool json_include_output_property, diff --git a/userspace/engine/json_evt.cpp b/userspace/engine/json_evt.cpp index 9a5b843327f..4a48b80c335 100644 --- a/userspace/engine/json_evt.cpp +++ b/userspace/engine/json_evt.cpp @@ -22,7 +22,6 @@ limitations under the License. #include "falco_common.h" #include "json_evt.h" -#include "banned.h" // This raises a compilation error when certain functions are used using json = nlohmann::json; using namespace std; 
diff --git a/userspace/falco/configuration.cpp b/userspace/falco/configuration.cpp index 62c8084fb5c..365ebf78e25 100644 --- a/userspace/falco/configuration.cpp +++ b/userspace/falco/configuration.cpp @@ -30,7 +30,6 @@ limitations under the License. #include "configuration.h" #include "logger.h" -#include "banned.h" // This raises a compilation error when certain functions are used falco_configuration::falco_configuration(): m_json_output(false), diff --git a/userspace/falco/event_drops.cpp b/userspace/falco/event_drops.cpp index 07509050e7f..7d66156f8fe 100644 --- a/userspace/falco/event_drops.cpp +++ b/userspace/falco/event_drops.cpp @@ -17,7 +17,6 @@ limitations under the License. #include "event_drops.h" #include "falco_common.h" -#include "banned.h" // This raises a compilation error when certain functions are used syscall_evt_drop_mgr::syscall_evt_drop_mgr(): m_num_syscall_evt_drops(0), diff --git a/userspace/falco/falco.cpp b/userspace/falco/falco.cpp index c12040eed7b..f966c0f1b3d 100644 --- a/userspace/falco/falco.cpp +++ b/userspace/falco/falco.cpp @@ -22,7 +22,6 @@ limitations under the License. #include "app/app.h" #include "logger.h" -#include "banned.h" // This raises a compilation error when certain functions are used static void display_fatal_err(const std::string &&msg) { diff --git a/userspace/falco/falco_outputs.cpp b/userspace/falco/falco_outputs.cpp index c14efcc6d1c..f50f06b4377 100644 --- a/userspace/falco/falco_outputs.cpp +++ b/userspace/falco/falco_outputs.cpp @@ -35,8 +35,6 @@ limitations under the License. #include "outputs_grpc.h" #endif -#include "banned.h" // This raises a compilation error when certain functions are used - static const char* s_internal_source = "internal"; falco_outputs::falco_outputs( diff --git a/userspace/falco/grpc_context.cpp b/userspace/falco/grpc_context.cpp index 0709274afa2..dc0989166bf 100644 --- a/userspace/falco/grpc_context.cpp +++ b/userspace/falco/grpc_context.cpp 
@@ -18,7 +18,6 @@ limitations under the License. #include #include "grpc_context.h" -#include "banned.h" // This raises a compilation error when certain functions are used falco::grpc::context::context(::grpc::ServerContext* ctx): m_ctx(ctx) diff --git a/userspace/falco/grpc_server.cpp b/userspace/falco/grpc_server.cpp index a62dc4870e6..8e511b46831 100644 --- a/userspace/falco/grpc_server.cpp +++ b/userspace/falco/grpc_server.cpp @@ -25,7 +25,6 @@ limitations under the License. #include "grpc_server.h" #include "grpc_request_context.h" #include "falco_utils.h" -#include "banned.h" // This raises a compilation error when certain functions are used #define REGISTER_STREAM(req, res, svc, rpc, impl, num) \ std::vector> rpc##_contexts(num); \ diff --git a/userspace/falco/grpc_server_impl.cpp b/userspace/falco/grpc_server_impl.cpp index ee03e95fcbf..8f03be28c69 100644 --- a/userspace/falco/grpc_server_impl.cpp +++ b/userspace/falco/grpc_server_impl.cpp @@ -21,7 +21,6 @@ limitations under the License. #include "grpc_server_impl.h" #include "grpc_queue.h" #include "logger.h" -#include "banned.h" // This raises a compilation error when certain functions are used bool falco::grpc::server_impl::is_running() { diff --git a/userspace/falco/logger.cpp b/userspace/falco/logger.cpp index 48ffd601616..1b99f6e007c 100644 --- a/userspace/falco/logger.cpp +++ b/userspace/falco/logger.cpp @@ -19,7 +19,6 @@ limitations under the License. #include "logger.h" #include "falco_common.h" -#include "banned.h" // This raises a compilation error when certain functions are used int falco_logger::level = LOG_INFO; bool falco_logger::time_format_iso_8601 = false; diff --git a/userspace/falco/outputs_file.cpp b/userspace/falco/outputs_file.cpp index c6131a33602..40a043d567e 100644 --- a/userspace/falco/outputs_file.cpp +++ b/userspace/falco/outputs_file.cpp 
@@ -18,7 +18,6 @@ limitations under the License. #include "outputs_file.h" #include #include -#include "banned.h" // This raises a compilation error when certain functions are used void falco::outputs::output_file::open_file() { diff --git a/userspace/falco/outputs_grpc.cpp b/userspace/falco/outputs_grpc.cpp index 5ffb80b1500..13da0d3f239 100644 --- a/userspace/falco/outputs_grpc.cpp +++ b/userspace/falco/outputs_grpc.cpp @@ -20,7 +20,6 @@ limitations under the License. #include "grpc_queue.h" #include "falco_common.h" #include "formats.h" -#include "banned.h" // This raises a compilation error when certain functions are used #if __has_attribute(deprecated) #define DISABLE_WARNING_PUSH _Pragma("GCC diagnostic push") diff --git a/userspace/falco/outputs_http.cpp b/userspace/falco/outputs_http.cpp index e735b235b58..e038008ba55 100644 --- a/userspace/falco/outputs_http.cpp +++ b/userspace/falco/outputs_http.cpp @@ -17,7 +17,6 @@ limitations under the License. #include "outputs_http.h" #include "logger.h" -#include "banned.h" // This raises a compilation error when certain functions are used #define CHECK_RES(fn) res = res == CURLE_OK ? fn : res diff --git a/userspace/falco/outputs_program.cpp b/userspace/falco/outputs_program.cpp index cc7f44c9292..e87bac11e56 100644 --- a/userspace/falco/outputs_program.cpp +++ b/userspace/falco/outputs_program.cpp @@ -17,7 +17,6 @@ limitations under the License. #include "outputs_program.h" #include -#include "banned.h" // This raises a compilation error when certain functions are used void falco::outputs::output_program::open_pfile() { diff --git a/userspace/falco/outputs_stdout.cpp b/userspace/falco/outputs_stdout.cpp index 9eb8e957c67..e63610b82d9 100644 --- a/userspace/falco/outputs_stdout.cpp +++ b/userspace/falco/outputs_stdout.cpp 
@@ -17,7 +17,6 @@ limitations under the License. #include "outputs_stdout.h" #include -#include "banned.h" // This raises a compilation error when certain functions are used void falco::outputs::output_stdout::output(const message *msg) { diff --git a/userspace/falco/outputs_syslog.cpp b/userspace/falco/outputs_syslog.cpp index 99578d3e46d..3637b2f9849 100644 --- a/userspace/falco/outputs_syslog.cpp +++ b/userspace/falco/outputs_syslog.cpp @@ -17,7 +17,6 @@ limitations under the License. #include "outputs_syslog.h" #include -#include "banned.h" // This raises a compilation error when certain functions are used void falco::outputs::output_syslog::output(const message *msg) { diff --git a/userspace/falco/stats_writer.cpp b/userspace/falco/stats_writer.cpp index 5748690eaf1..f085d98d9de 100644 --- a/userspace/falco/stats_writer.cpp +++ b/userspace/falco/stats_writer.cpp @@ -26,7 +26,6 @@ limitations under the License. #include "falco_common.h" #include "stats_writer.h" #include "logger.h" -#include "banned.h" // This raises a compilation error when certain functions are used #include "config_falco.h" // note: ticker_t is an uint16_t, which is enough because we don't care about From c27afe06c05fc59fe869be0d90f6e72708f2a4a2 Mon Sep 17 00:00:00 2001 From: Luca Guerra Date: Thu, 19 Oct 2023 07:36:34 +0000 Subject: [PATCH 2/3] new(ci): add semgrep to check for banned functions 
Signed-off-by: Luca Guerra --- .github/workflows/insecure-api.yaml | 26 ++++++++ semgrep/insecure-api-gets.yaml | 44 ++++++++++++++ semgrep/insecure-api-sprintf-vsprintf.yaml | 57 ++++++++++++++++++ .../insecure-api-strcpy-stpcpy-strcat.yaml | 59 +++++++++++++++++++ semgrep/insecure-api-strn.yaml | 18 ++++++ 5 files changed, 204 insertions(+) create mode 100644 .github/workflows/insecure-api.yaml create mode 100644 semgrep/insecure-api-gets.yaml create mode 100644 semgrep/insecure-api-sprintf-vsprintf.yaml create mode 100644 semgrep/insecure-api-strcpy-stpcpy-strcat.yaml create mode 100644 semgrep/insecure-api-strn.yaml
diff --git a/.github/workflows/insecure-api.yaml b/.github/workflows/insecure-api.yaml
new file mode 100644
index 00000000000..8fbf02aa3f7
--- /dev/null
+++ b/.github/workflows/insecure-api.yaml
@@ -0,0 +1,26 @@
+name: Insecure API check
+on:
+ pull_request:
+ branches:
+ - master
+ - 'release/**'
+ - 'maintainers/**'
+
+jobs:
+ insecure-api:
+ name: check-insecure-api
+ runs-on: ubuntu-latest
+ container:
+ image: returntocorp/semgrep:1.41.0@sha256:85956fbe795a0e8a3825d5252f175887c0e0c6ce7a766a07062c0fb68415cd67
+ steps:
+ - name: Checkout Falco ⤵️
+ uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
+ with:
+ fetch-depth: 0
+ - name: Scan PR for insecure API usage 🕵️
+ run: |
+ semgrep scan \
+ --error \
+ --metrics=off \
+ --baseline-commit ${{ github.event.pull_request.base.sha }} \
+ --config=./semgrep
diff --git a/semgrep/insecure-api-gets.yaml b/semgrep/insecure-api-gets.yaml
new file mode 100644
index 00000000000..c393e6793b0
--- /dev/null
+++ b/semgrep/insecure-api-gets.yaml
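Review bot: The new insecure-api.yaml workflow has no `permissions:` block, so the job's token keeps whatever default scope the repository is configured with although the scan only reads the checkout; I would add `permissions:` with `contents: read` at the top level. Separately, the `pull_request` trigger together with `--baseline-commit` means only findings that a PR introduces against the three listed branches are reported, while the removed banned.h broke the build of every including .cpp file wherever it was compiled; a push- or schedule-triggered run without the baseline would keep whole-tree coverage. The rules are read from `./semgrep` in the PR checkout, so changes under that directory deserve the same review as the workflow itself.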
@@ -0,0 +1,44 @@
+# MIT License
+#
+# Copyright (c) 2022 raptor
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in all
+# copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+
+rules:
+ - id: raptor-insecure-api-gets
+ metadata:
+ author: Marco Ivaldi
+ references:
+ - https://cwe.mitre.org/data/definitions/242
+ - https://cwe.mitre.org/data/definitions/120
+ confidence: HIGH
+ message: >-
+ The program calls a function that can never be guaranteed to work
+ safely.
+ Certain functions behave in dangerous ways regardless of how they are
+ used. Functions in this category were often implemented without
+ taking security concerns into account. The gets() function is unsafe
+ because it does not perform bounds checking on the size of its input.
+ An attacker can easily send arbitrarily-sized input to gets() and
+ overflow the destination buffer.
+ severity: ERROR
+ languages:
+ - c
+ - cpp
+ pattern: gets(...)
diff --git a/semgrep/insecure-api-sprintf-vsprintf.yaml b/semgrep/insecure-api-sprintf-vsprintf.yaml
new file mode 100644
index 00000000000..b5a6f59fb77
--- /dev/null
+++ b/semgrep/insecure-api-sprintf-vsprintf.yaml
@@ -0,0 +1,57 @@
+# MIT License
+#
+# Copyright (c) 2022 raptor
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in all
+# copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+
+rules:
+ - id: raptor-insecure-api-sprintf-vsprintf
+ metadata:
+ author: Marco Ivaldi
+ references:
+ - https://cwe.mitre.org/data/definitions/676
+ - https://cwe.mitre.org/data/definitions/120
+ - https://cwe.mitre.org/data/definitions/787
+ - https://g.co/kgs/PCHQjJ
+ confidence: HIGH
+ message: >-
+ The program invokes a potentially dangerous function that could
+ introduce a vulnerability if it is used incorrectly, but the function
+ can also be used safely.
+ A buffer overflow condition exists when a program attempts to put
+ more data in a buffer than it can hold, or when a program attempts to
+ put data in a memory area outside of the boundaries of a buffer. The
+ simplest type of error, and the most common cause of buffer
+ overflows, is the classic case in which the program copies the buffer
+ without restricting how much is copied. Other variants exist, but the
+ existence of a classic overflow strongly suggests that the programmer
+ is not considering even the most basic of security protections.
+ severity: ERROR
+ languages:
+ - c
+ - cpp
+ patterns:
+ - pattern-either:
+ - pattern: sprintf($BUF, $FMT, ...)
+ - pattern: vsprintf($BUF, $FMT, ...)
+ # swprintf() and vswprintf() should have a size parameter
+ - metavariable-regex:
+ metavariable: $FMT
+ # NOTE: some format string modifiers are not handled
+ regex: '(".*%l?s.*"|".*%S.*"|[a-zA-Z_][a-zA-Z0-9_]*)'
diff --git a/semgrep/insecure-api-strcpy-stpcpy-strcat.yaml b/semgrep/insecure-api-strcpy-stpcpy-strcat.yaml
new file mode 100644
index 00000000000..f662c535249
--- /dev/null
+++ b/semgrep/insecure-api-strcpy-stpcpy-strcat.yaml
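Review bot: The sprintf/vsprintf rule is narrower than the banned.h macros it replaces: the `metavariable-regex` on `$FMT` reports a call only when the format begins with an identifier or is a literal containing `%s`, `%ls` or `%S`, so a literal format using other conversions into a fixed buffer passes, and `swprintf`/`vswprintf`, which banned.h rejected, are not matched at all (the rule's own comment notes they take a size parameter). If the policy is still to reject these functions outright, dropping the `metavariable-regex` clause restores the old behaviour. The message also no longer names a replacement, unlike the strn rule; a closing line such as `In the Falco codebase you can use snprintf() and vsnprintf() instead.` would match what banned.h told the developer.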
@@ -0,0 +1,59 @@
+# MIT License
+#
+# Copyright (c) 2022 raptor
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in all
+# copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+
+rules:
+ - id: raptor-insecure-api-strcpy-stpcpy-strcat
+ metadata:
+ author: Marco Ivaldi
+ references:
+ - https://cwe.mitre.org/data/definitions/676
+ - https://cwe.mitre.org/data/definitions/120
+ - https://cwe.mitre.org/data/definitions/787
+ - https://g.co/kgs/PCHQjJ
+ confidence: HIGH
+ message: >-
+ The program invokes a potentially dangerous function that could
+ introduce a vulnerability if it is used incorrectly, but the function
+ can also be used safely.
+ A buffer overflow condition exists when a program attempts to put
+ more data in a buffer than it can hold, or when a program attempts to
+ put data in a memory area outside of the boundaries of a buffer. The
+ simplest type of error, and the most common cause of buffer
+ overflows, is the classic case in which the program copies the buffer
+ without restricting how much is copied. Other variants exist, but the
+ existence of a classic overflow strongly suggests that the programmer
+ is not considering even the most basic of security protections.
+
+ In the Falco codebase you can use the safer alternative strlcpy().
+ severity: ERROR
+ languages:
+ - c
+ - cpp
+ patterns:
+ - pattern-either:
+ - pattern: strcpy(...)
+ - pattern: stpcpy(...)
+ - pattern: strcat(...)
+ - pattern: wcscpy(...)
+ - pattern: wcpcpy(...)
+ - pattern: wcscat(...)
+ - pattern-not: $FUN($BUF, "...", ...)
diff --git a/semgrep/insecure-api-strn.yaml b/semgrep/insecure-api-strn.yaml
new file mode 100644
index 00000000000..0f532e9847f
--- /dev/null
+++ b/semgrep/insecure-api-strn.yaml
@@ -0,0 +1,18 @@
+rules:
+ - id: falco-insecure-api-strn
+ metadata:
+ references:
+ - https://cwe.mitre.org/data/definitions/120
+ confidence: HIGH
+ message: >-
+ The libc function strncpy and strncat are not used in the Falco codebase as they are error prone.
+ Read more: https://www.cisa.gov/uscert/bsi/articles/knowledge/coding-practices/strncpy-and-strncat .
+ In the Falco codebase you can use the safer alternatives strlcpy() and strlcat().
+ severity: ERROR
+ languages:
+ - c
+ - cpp
+ patterns:
+ - pattern-either:
+ - pattern: strncpy(...)
+ - pattern: strncat(...)
From 7ccfeb6fe8e855694445c8c1e2b06d4a304185da Mon Sep 17 00:00:00 2001 From: Luca Guerra Date: Thu, 19 Oct 2023 08:07:53 +0000 Subject: [PATCH 3/3] cleanup(engine): strncpy -> strlcpy Signed-off-by: Luca Guerra --- userspace/falco/stats_writer.cpp | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/userspace/falco/stats_writer.cpp b/userspace/falco/stats_writer.cpp
index f085d98d9de..aa731794885 100644
--- a/userspace/falco/stats_writer.cpp
+++ b/userspace/falco/stats_writer.cpp
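Review bot: In insecure-api-strcpy-stpcpy-strcat.yaml the `pattern-not: $FUN($BUF, "...", ...)` clause exempts every call whose second argument is a string literal, so `strcat(buf, "suffix")` or a `strcpy` of a long literal into a short buffer is accepted even though the destination size is never checked; banned.h rejected `strcpy` and `strcat` unconditionally. Dropping the `pattern-not` line would keep the stricter policy. The added Falco sentence names only strlcpy() although the rule also covers the `strcat` family; `In the Falco codebase you can use the safer alternatives strlcpy() and strlcat().` would match the wording used in insecure-api-strn.yaml.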
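Review bot: The `pattern-either` list in insecure-api-strn.yaml covers `strncpy` and `strncat` only, while the sibling strcpy rule also lists the wide-character functions; if the same policy is meant to apply, `- pattern: wcsncpy(...)` and `- pattern: wcsncat(...)` belong in the list as well. The message has a small agreement slip that every developer hitting the rule will read; I would write `The libc functions strncpy and strncat are not used in the Falco codebase as they are error prone.`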
@@ -27,6 +27,7 @@ limitations under the License. #include "stats_writer.h" #include "logger.h" #include "config_falco.h" +#include "strl.h" // note: ticker_t is an uint16_t, which is enough because we don't care about // overflows here. Threads calling stats_writer::handle() will just @@ -308,7 +309,7 @@ void stats_writer::collector::get_metrics_output_fields_additional( for(uint32_t stat = 0; stat < nstats; stat++) { char metric_name[STATS_NAME_MAX] = "falco."; - strncat(metric_name, utilization[stat].name, sizeof(metric_name) - strlen(metric_name) - 1); + strlcat(metric_name, utilization[stat].name, sizeof(metric_name)); switch(utilization[stat].type) { case STATS_VALUE_TYPE_U64: @@ -384,7 +385,7 @@ void stats_writer::collector::get_metrics_output_fields_additional( // todo: as we expand scap_stats_v2 prefix may be pushed to scap or we may need to expand // functionality here for example if we add userspace syscall counters that should be prefixed w/ `falco.` char metric_name[STATS_NAME_MAX] = "scap."; - strncat(metric_name, stats_v2[stat].name, sizeof(metric_name) - strlen(metric_name) - 1); + strlcat(metric_name, stats_v2[stat].name, sizeof(metric_name)); switch(stats_v2[stat].type) { case STATS_VALUE_TYPE_U64:
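Review bot: Both `strlcat` calls (the `falco.` one in the utilization loop and the `scap.` one in the stats_v2 loop) discard the return value, so a stat name that does not fit in `STATS_NAME_MAX` after the prefix is truncated silently and two long names could end up under the same output key. Assuming strl.h follows the usual BSD contract of returning the length it tried to build, a check such as `if(strlcat(metric_name, utilization[stat].name, sizeof(metric_name)) >= sizeof(metric_name)) { /* log or skip this stat */ }` would surface that. The bound itself is right: passing `sizeof(metric_name)` as the full buffer size is what strlcat expects, and it removes the manual `- strlen(...) - 1` arithmetic. Both loops sit in get_metrics_output_fields_additional, whose body starts and ends outside these hunks.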