[PATCH libnl-tiny] genl_family: explicitly null terminate strncpy destination buffer
Petr Štetiar
ynezz at true.cz
Mon May 23 12:15:32 PDT 2022
The strncpy() function doesn't null terminate the destination string if
the source string is at least as long as the destination. (This behavior
is defined by the C99 specification.) As a result, the destination
string must be null terminated after calling strncpy().
And clang11 static analyzer thus reports following:
genl_family.c:148:2: error: ‘strncpy’ output may be truncated copying 15 bytes from a string of length 15 [-Werror=stringop-truncation]
148 | strncpy(grp->name, name, GENL_NAMSIZ - 1);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Cc: Felix Fietkau <nbd at nbd.name>
References: https://gitlab.com/openwrt/project/libnl-tiny/-/jobs/2495301251#L197
Signed-off-by: Petr Štetiar <ynezz at true.cz>
---
genl_family.c | 1 +
include/netlink/genl/family.h | 1 +
2 files changed, 2 insertions(+)
diff --git a/genl_family.c b/genl_family.c
index 221acfa1a7ff..a0d83dc20ce8 100644
--- a/genl_family.c
+++ b/genl_family.c
@@ -146,6 +146,7 @@ int genl_family_add_grp(struct genl_family *family, uint32_t id,
grp->id = id;
strncpy(grp->name, name, GENL_NAMSIZ - 1);
+ grp->name[GENL_NAMSIZ - 1] = '\0';
nl_list_add_tail(&grp->list, &family->gf_mc_grps);
diff --git a/include/netlink/genl/family.h b/include/netlink/genl/family.h
index 8a1a38ba25d5..ca71181e89f3 100644
--- a/include/netlink/genl/family.h
+++ b/include/netlink/genl/family.h
@@ -82,6 +82,7 @@ static inline char *genl_family_get_name(struct genl_family *family)
static inline void genl_family_set_name(struct genl_family *family, const char *name)
{
strncpy(family->gf_name, name, GENL_NAMSIZ-1);
+ family->gf_name[GENL_NAMSIZ - 1] = '\0';
family->ce_mask |= FAMILY_ATTR_NAME;
}
More information about the openwrt-devel
mailing list