qemu-devel

Re: [Qemu-devel] [PATCH v2 2/5] linux-user: avoid string truncation warn


From: Laurent Vivier
Subject: Re: [Qemu-devel] [PATCH v2 2/5] linux-user: avoid string truncation warnings in elf field copying
Date: Fri, 12 Apr 2019 14:32:28 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.8.0

On 12/04/2019 14:16, Daniel P. Berrangé wrote:
> In file included from /usr/include/string.h:494,
>                  from include/qemu/osdep.h:101,
>                  from linux-user/elfload.c:2:
> In function ‘strncpy’,
>     inlined from ‘fill_psinfo’ at linux-user/elfload.c:3208:12,
>     inlined from ‘fill_note_info’ at linux-user/elfload.c:3390:5,
>     inlined from ‘elf_core_dump’ at linux-user/elfload.c:3539:9:
> /usr/include/bits/string_fortified.h:106:10: warning: ‘__builtin_strncpy’ 
> specified bound 16 equals destination size [-Wstringop-truncation]
>   106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos 
> (__dest));
>       |          
> ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 
> We don't require the field to be NUL terminated, so can just
> copy the lower of the string length and the target field size
> using memcpy.
> 
> Signed-off-by: Daniel P. Berrangé <address@hidden>
> ---
>  linux-user/elfload.c | 10 ++++------
>  1 file changed, 4 insertions(+), 6 deletions(-)
> 
> diff --git a/linux-user/elfload.c b/linux-user/elfload.c
> index c1a26021f8..caa060f7b7 100644
> --- a/linux-user/elfload.c
> +++ b/linux-user/elfload.c
> @@ -3180,6 +3180,7 @@ static int fill_psinfo(struct target_elf_prpsinfo 
> *psinfo, const TaskState *ts)
>  {
>      char *base_filename;
>      unsigned int i, len;
> +    size_t pathlen;
>  
>      (void) memset(psinfo, 0, sizeof (*psinfo));
>  
> @@ -3201,12 +3202,9 @@ static int fill_psinfo(struct target_elf_prpsinfo 
> *psinfo, const TaskState *ts)
>      psinfo->pr_gid = getgid();
>  
>      base_filename = g_path_get_basename(ts->bprm->filename);
> -    /*
> -     * Using strncpy here is fine: at max-length,
> -     * this field is not NUL-terminated.
> -     */

Keep and update the comment, it explains why we don't need to add the
NUL at the end when MIN() is sizeof(psinfo->pr_fname).

> -    (void) strncpy(psinfo->pr_fname, base_filename,
> -                   sizeof(psinfo->pr_fname));
> +    pathlen = strlen(base_filename) + 1;
> +    pathlen = MIN(pathlen, sizeof(psinfo->pr_fname));
> +    memcpy(psinfo->pr_fname, base_filename, pathlen);
>  
>      g_free(base_filename);
>      bswap_psinfo(psinfo);
> 
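Review bot: the memcpy() at the end of this hunk leaves psinfo->pr_fname without a terminating NUL whenever the basename is at least sizeof(psinfo->pr_fname) bytes long, and with the old comment deleted nothing at the copy site says that this is intended. Put a short comment above the MIN() line stating that pr_fname is a fixed-width field that is not NUL-terminated at maximum length, so that a later change does not treat it as a C string or "fix" the copy by writing a terminator past the field. It is also worth saying there that shorter names stay zero-padded, as they were with strncpy(), only because of the memset(psinfo, 0, sizeof (*psinfo)) at the top of fill_psinfo(); the memcpy() itself copies just strlen(base_filename) + 1 bytes.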

Thanks,
Laurent



