[PATCH rpcd] sys: mitigate possible strncpy string truncation
Jo-Philipp Wich
jo at mein.io
Wed Aug 24 01:35:45 PDT 2022
Hi,
comment below.
~ Jo
On 8/24/22 10:14 AM, Petr Štetiar wrote:
> [...]
> --- a/sys.c
> +++ b/sys.c
> @@ -224,7 +224,8 @@ procstr:
> continue;
>
> if (!strcmp(var, "Package:")) {
> - strncpy(pkg, p1, sizeof(pkg));
> + strncpy(pkg, p1, sizeof(pkg) - 1);
> + pkg[sizeof(pkg) - 1] = '\0';
I suggest to change declarations of `pkg` and `ver` to:
char pkg[128] = { 0 }, ver[128] = { 0 };
This way you can omit this explicit '\0' assignment since the dest char array
will be zero initialized and the `sizeof(...) - 1` above will ensure that the
last '\0' is never overwritten.
> continue;
> }
>
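Review bot: In the `Package:` branch, `pkg` is now always terminated, but a value longer than `sizeof(pkg) - 1` is still stored shortened without any signal, and nothing in this branch distinguishes a cut-off name from a complete one. Consider testing `strlen(p1) >= sizeof(pkg)` before the copy and skipping or reporting that entry, so the truncation named in the subject line is detected rather than only made safe to read.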
> @@ -241,7 +242,8 @@ procstr:
> }
>
> if (!strcmp(var, "Version:")) {
> - strncpy(ver, p1, sizeof(ver));
> + strncpy(ver, p1, sizeof(ver) - 1);
> + ver[sizeof(ver) - 1] = '\0';
> continue;
> }
>
>
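Review bot: The `Version:` branch repeats the same copy-then-terminate pair as the `Package:` branch, so the two sites can drift apart in later edits. A single `snprintf(ver, sizeof(ver), "%s", p1)` terminates the buffer in one call, and its return value compared against `sizeof(ver)` tells you whether the version string was cut off; if the `strncpy` form stays, a small shared helper used for both `pkg` and `ver` would keep the handling identical.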
>
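The three forms of the copy discussed in this thread, side by side, as an added example that is not part of the original message or of rpcd: the pre-patch call, the patched call, and the zero-initialised declaration suggested in the reply. `FIELD_LEN`, `copy_field`, `terminated`, `truncated` and the sample field values are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define FIELD_LEN 8 /* constructed size so truncation is easy to see; the reply uses 128 */

enum variant { UNPATCHED, PATCHED, ZERO_INIT };

/* Copy src into dst (n bytes) the way each variant of the patched line does. */
static void copy_field(enum variant v, char *dst, size_t n, const char *src)
{
    switch (v) {
    case UNPATCHED:            /* strncpy(pkg, p1, sizeof(pkg)); */
        strncpy(dst, src, n);
        break;
    case PATCHED:              /* bound of n - 1 plus explicit terminator */
        strncpy(dst, src, n - 1);
        dst[n - 1] = '\0';
        break;
    case ZERO_INIT:            /* bound of n - 1, relies on dst[n - 1] already being 0 */
        strncpy(dst, src, n - 1);
        break;
    }
}

/* Returns 1 if the buffer holds a NUL-terminated string after the copy.
 * zeroed != 0 models `= { 0 }`; zeroed == 0 fills the buffer with 'X'
 * to stand in for whatever an uninitialised stack array might contain. */
static int terminated(enum variant v, int zeroed, const char *src)
{
    char buf[FIELD_LEN];
    memset(buf, zeroed ? 0 : 'X', sizeof(buf));
    copy_field(v, buf, sizeof(buf), src);
    return memchr(buf, '\0', sizeof(buf)) != NULL;
}

/* 1 if src does not fit: both bounded variants then shorten it silently. */
static int truncated(const char *src)
{
    return strlen(src) >= FIELD_LEN;
}

int main(void)
{
    const char *in[] = { "rpcd", "libubox-long" }; /* constructed field values */
    for (size_t i = 0; i < 2; i++)
        printf("%-13s unpatched=%d patched=%d zero-init=%d no-init=%d truncated=%d\n",
               in[i], terminated(UNPATCHED, 0, in[i]), terminated(PATCHED, 0, in[i]),
               terminated(ZERO_INIT, 1, in[i]), terminated(ZERO_INIT, 0, in[i]),
               truncated(in[i]));
    return 0;
}
```

The `no-init` column shows that dropping the explicit terminator is only safe while the `= { 0 }` initialiser stays on the declaration.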