author | Petr Štetiar <ynezz@true.cz> | 2022-08-24 10:05:33 +0200 |
---|---|---|
committer | Petr Štetiar <ynezz@true.cz> | 2022-08-24 12:51:39 +0200 |
commit | 82904bd4f92e5928d047db6396cc14ca2b07d89f (patch) | |
tree | 5cfa420e663fe8c8b500f6b7c9209fd53fdb2325 | |
parent | ae5afea28375e28510f74fd404925ec9b2c4f430 (diff) | |
sys: mitigate possible strncpy string truncation
gcc 10 with -O2 reports the following:
In function ‘strncpy’,
inlined from ‘rpc_sys_packagelist’ at /opt/devel/openwrt/c-projects/rpcd/sys.c:244:4:
/usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ specified bound 128 equals destination size [-Werror=stringop-truncation]
106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In function ‘strncpy’,
inlined from ‘rpc_sys_packagelist’ at /opt/devel/openwrt/c-projects/rpcd/sys.c:227:4:
/usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ specified bound 128 equals destination size [-Werror=stringop-truncation]
106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Since it is not possible to avoid truncation by strncpy, it is necessary
to make sure the result of strncpy is properly NUL-terminated and the
NUL must be inserted explicitly, after strncpy has returned.
References: #10442
Reported-by: Alexey Smirnov <s.alexey@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
-rw-r--r-- | sys.c | 6 |
1 files changed, 3 insertions, 3 deletions
@@ -172,7 +172,7 @@ rpc_sys_packagelist(struct ubus_context *ctx, struct ubus_object *obj,
 struct blob_attr *tb[__RPC_PACKAGELIST_MAX];
 int all = false;
 struct blob_buf buf = { 0 };
- char var[256], pkg[128], ver[128];
+ char var[256], pkg[128] = { 0 }, ver[128] = { 0 };
 char *tmp, *p1, *p2, *p3;
 void *tbl;
@@ -224,7 +224,7 @@ procstr:
 continue;
 if (!strcmp(var, "Package:")) {
- strncpy(pkg, p1, sizeof(pkg));
+ strncpy(pkg, p1, sizeof(pkg) - 1);
 continue;
 }
@@ -241,7 +241,7 @@ procstr:
 }
 if (!strcmp(var, "Version:")) {
- strncpy(ver, p1, sizeof(ver));
+ strncpy(ver, p1, sizeof(ver) - 1);
 continue;
 }
 |
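Review bot: The NUL terminator for `pkg` and `ver` now comes only from the `= { 0 }` initialisers on this declaration, not from an explicit store after each copy as the commit message describes. It holds because both `strncpy` calls in the later hunks are bounded by `sizeof(...) - 1` and so never write the last byte, but nothing in the code states that dependency. Either add `pkg[sizeof(pkg) - 1] = '\0';` (and the same for `ver`) directly after the copies, or put a comment on this line such as `/* last byte stays 0: the strncpy calls below copy at most sizeof - 1 bytes */`. The body of rpc_sys_packagelist starts and ends outside the hunk.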
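Review bot: A `Package:` value longer than 127 bytes is still cut silently by `strncpy(pkg, p1, sizeof(pkg) - 1)`, and the same applies to `ver` in the `Version:` hunk at -241. The shortened string is presumably what gets reported in the package list, so two long names sharing a 127-byte prefix would be indistinguishable and a version could be misreported to whatever consumes the output. Consider a length check before the copy, for example `if (strlen(p1) >= sizeof(pkg)) continue;`, so an over-long field is skipped rather than stored truncated. The code that uses `pkg` and `ver` lies outside these hunks, so confirm the effect against the rest of the loop.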