| Message ID | d86be0c6c536429f515be080ea43cc7180396476.1721039339.git.ikerpedrosam@gmail.com |
|---|---|
| State | New |
| Headers | show |
| Series | Fix issues detected by static analyzer | expand |
On Wed, Jul 17, 2024 at 01:36:42PM +0200, Iker Pedrosa wrote: > strncpy() truncates the destination buffer if it isn't large enough to > hold the copy. Thus, let's terminate the strings with a NULL character > at the end. > > Signed-off-by: Iker Pedrosa <ikerpedrosam@gmail.com> > --- > lib/line-info.c | 6 ++++-- > 1 file changed, 4 insertions(+), 2 deletions(-) > > diff --git a/lib/line-info.c b/lib/line-info.c > index 9f53b04..2ded9ea 100644 > --- a/lib/line-info.c > +++ b/lib/line-info.c > @@ -148,10 +148,12 @@ gpiod_line_info_from_uapi(struct gpio_v2_line_info *uapi_info) > memset(info, 0, sizeof(*info)); > > info->offset = uapi_info->offset; > - strncpy(info->name, uapi_info->name, GPIO_MAX_NAME_SIZE); > + strncpy(info->name, uapi_info->name, GPIO_MAX_NAME_SIZE - 1); > + info->name[GPIO_MAX_NAME_SIZE - 1] = '\0'; > Given that uapi_info->name is not NULL terminated, this change can incorrectly discard one character. The correct solution is to increase the size of info->name to allow for the NULL terminator, which would automatically be initialised by the memset. > info->used = !!(uapi_info->flags & GPIO_V2_LINE_FLAG_USED); > - strncpy(info->consumer, uapi_info->consumer, GPIO_MAX_NAME_SIZE); > + strncpy(info->consumer, uapi_info->consumer, GPIO_MAX_NAME_SIZE - 1); > + info->consumer[GPIO_MAX_NAME_SIZE - 1] = '\0'; > Same here. And same in patch 3. Patches 1 and 4 look ok to me. Cheers, Kent. > if (uapi_info->flags & GPIO_V2_LINE_FLAG_OUTPUT) > info->direction = GPIOD_LINE_DIRECTION_OUTPUT; > -- > 2.45.2 >
diff --git a/lib/line-info.c b/lib/line-info.c index 9f53b04..2ded9ea 100644 --- a/lib/line-info.c +++ b/lib/line-info.c @@ -148,10 +148,12 @@ gpiod_line_info_from_uapi(struct gpio_v2_line_info *uapi_info) memset(info, 0, sizeof(*info)); info->offset = uapi_info->offset; - strncpy(info->name, uapi_info->name, GPIO_MAX_NAME_SIZE); + strncpy(info->name, uapi_info->name, GPIO_MAX_NAME_SIZE - 1); + info->name[GPIO_MAX_NAME_SIZE - 1] = '\0'; info->used = !!(uapi_info->flags & GPIO_V2_LINE_FLAG_USED); - strncpy(info->consumer, uapi_info->consumer, GPIO_MAX_NAME_SIZE); + strncpy(info->consumer, uapi_info->consumer, GPIO_MAX_NAME_SIZE - 1); + info->consumer[GPIO_MAX_NAME_SIZE - 1] = '\0'; if (uapi_info->flags & GPIO_V2_LINE_FLAG_OUTPUT) info->direction = GPIOD_LINE_DIRECTION_OUTPUT;
strncpy() truncates the destination buffer if it isn't large enough to hold the copy. Thus, let's terminate the strings with a NULL character at the end. Signed-off-by: Iker Pedrosa <ikerpedrosam@gmail.com> --- lib/line-info.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-)