[Qemu-devel] [PATCHv3 03/20] block: avoid buffer overrun by using pstrcp

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] [PATCHv3 03/20] block: avoid buffer overrun by using pstrcp

From:	Jim Meyering
Subject:	[Qemu-devel] [PATCHv3 03/20] block: avoid buffer overrun by using pstrcpy, not strncpy
Date:	Thu, 4 Oct 2012 13:09:46 +0200

From: Jim Meyering <address@hidden>

Also, use PATH_MAX, rather than the arbitrary 1024.
Using PATH_MAX is more consistent with other filename-related
variables in this file, like backing_filename and tmp_filename.

Acked-by: Kevin Wolf <address@hidden>
Signed-off-by: Jim Meyering <address@hidden>
---
 block.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/block.c b/block.c
index 751ebdc..b62432c 100644
--- a/block.c
+++ b/block.c
@@ -1503,7 +1503,7 @@ int bdrv_commit(BlockDriverState *bs)
     int n, ro, open_flags;
     int ret = 0;
     uint8_t *buf;
-    char filename[1024];
+    char filename[PATH_MAX];

     if (!drv)
         return -ENOMEDIUM;
@@ -1517,7 +1517,8 @@ int bdrv_commit(BlockDriverState *bs)
     }

     ro = bs->backing_hd->read_only;
-    strncpy(filename, bs->backing_hd->filename, sizeof(filename));
+    /* Use pstrcpy (not strncpy): filename must be NUL-terminated. */
+    pstrcpy(filename, sizeof(filename), bs->backing_hd->filename);
     open_flags =  bs->backing_hd->open_flags;

     if (ro) {
-- 
1.8.0.rc0.18.gf84667d

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PATCHv3 00/20] strncpy: best avoided, Jim Meyering, 2012/10/04
- [Qemu-devel] [PATCHv3 01/20] scsi, pci, qdev, isa-bus, sysbus: don't let *_get_fw_dev_path return NULL, Jim Meyering, 2012/10/04
  - Re: [Qemu-devel] [PATCHv3 01/20] scsi, pci, qdev, isa-bus, sysbus: don't let *_get_fw_dev_path return NULL, Anthony Liguori, 2012/10/05
- [Qemu-devel] [PATCHv3 02/20] sparc: use g_strdup in place of unchecked strdup, Jim Meyering, 2012/10/04
- [Qemu-devel] [PATCHv3 03/20] block: avoid buffer overrun by using pstrcpy, not strncpy, Jim Meyering <=
- [Qemu-devel] [PATCHv3 05/20] vmdk: relative_path: use pstrcpy in place of strncpy, Jim Meyering, 2012/10/04
- [Qemu-devel] [PATCHv3 06/20] hw/9pfs: avoid buffer overrun, Jim Meyering, 2012/10/04
- [Qemu-devel] [PATCHv3 04/20] sheepdog: avoid a few buffer overruns, Jim Meyering, 2012/10/04
- [Qemu-devel] [PATCHv3 07/20] lm32: avoid buffer overrun, Jim Meyering, 2012/10/04
- [Qemu-devel] [PATCHv3 10/20] linux-user: remove two unchecked uses of strdup, Jim Meyering, 2012/10/04
- [Qemu-devel] [PATCHv3 08/20] os-posix: avoid buffer overrun, Jim Meyering, 2012/10/04
- [Qemu-devel] [PATCHv3 09/20] ppc: avoid buffer overrun: use pstrcpy, not strncpy, Jim Meyering, 2012/10/04
- [Qemu-devel] [PATCHv3 12/20] bt: replace fragile snprintf use and unwarranted strncpy, Jim Meyering, 2012/10/04
- [Qemu-devel] [PATCHv3 11/20] ui/vnc: simplify and avoid strncpy, Jim Meyering, 2012/10/04
  - Re: [Qemu-devel] [PATCHv3 11/20] ui/vnc: simplify and avoid strncpy, Peter Maydell, 2012/10/04

Prev by Date: [Qemu-devel] [PATCHv3 02/20] sparc: use g_strdup in place of unchecked strdup
Next by Date: [Qemu-devel] [PATCHv3 05/20] vmdk: relative_path: use pstrcpy in place of strncpy
Previous by thread: [Qemu-devel] [PATCHv3 02/20] sparc: use g_strdup in place of unchecked strdup
Next by thread: [Qemu-devel] [PATCHv3 05/20] vmdk: relative_path: use pstrcpy in place of strncpy
Index(es):
- Date
- Thread