From 82904bd4f92e5928d047db6396cc14ca2b07d89f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20=C5=A0tetiar?= <ynezz@true.cz>
Date: Wed, 24 Aug 2022 10:05:33 +0200
Subject: sys: mitigate possible strncpy string truncation
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

gcc 10 with -O2 reports following:

 In function ‘strncpy’,
     inlined from ‘rpc_sys_packagelist’ at /opt/devel/openwrt/c-projects/rpcd/sys.c:244:4:
 /usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ specified bound 128 equals destination size [-Werror=stringop-truncation]
   106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
       |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 In function ‘strncpy’,
     inlined from ‘rpc_sys_packagelist’ at /opt/devel/openwrt/c-projects/rpcd/sys.c:227:4:
 /usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ specified bound 128 equals destination size [-Werror=stringop-truncation]
   106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
       |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Since it is not possible to avoid truncation by strncpy, it is necessary
to make sure the result of strncpy is properly NUL-terminated and the
NUL must be inserted explicitly, after strncpy has returned.

References: #10442
Reported-by: Alexey Smirnov <s.alexey@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
---
 sys.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/sys.c b/sys.c
index 097e705..42a2fc6 100644
--- a/sys.c
+++ b/sys.c
@@ -172,7 +172,7 @@ rpc_sys_packagelist(struct ubus_context *ctx, struct ubus_object *obj,
 	struct blob_attr *tb[__RPC_PACKAGELIST_MAX];
 	int all = false;
 	struct blob_buf buf = { 0 };
-	char var[256], pkg[128], ver[128];
+	char var[256], pkg[128] = { 0 }, ver[128] = { 0 };
 	char *tmp, *p1, *p2, *p3;
 	void *tbl;
 
@@ -224,7 +224,7 @@ procstr:
 			continue;
 
 		if (!strcmp(var, "Package:")) {
-			strncpy(pkg, p1, sizeof(pkg));
+			strncpy(pkg, p1, sizeof(pkg) - 1);
 			continue;
 		}
 
@@ -241,7 +241,7 @@ procstr:
 		}
 
 		if (!strcmp(var, "Version:")) {
-			strncpy(ver, p1, sizeof(ver));
+			strncpy(ver, p1, sizeof(ver) - 1);
 			continue;
 		}
 
-- 
cgit v1.2.1