| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 21 Jan 2023 12:32:22 -0800
From: Eric Biggers <ebiggers@...nel.org>
To: linux-ext4@...r.kernel.org
Subject: [PATCH 30/38] misc/fuse2fs: avoid error-prone strncpy() pattern
From: Eric Biggers <ebiggers@...gle.com>
'strncpy(dst, src, strlen(src))' is usually wrong, as it doesn't copy
the null terminator. For this reason, it causes a -Wstringop-truncation
warning with gcc 8 and later.
The code happens to be correct anyway, since the destination buffer is
zero-initialized. But to avoid relying on this, let's just copy the
terminating null.
Signed-off-by: Eric Biggers <ebiggers@...gle.com>
---
misc/fuse2fs.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/misc/fuse2fs.c b/misc/fuse2fs.c
index c59572129..6d4bcf4fd 100644
--- a/misc/fuse2fs.c
+++ b/misc/fuse2fs.c
@@ -2508,9 +2508,10 @@ static int copy_names(char *name, char *value EXT2FS_ATTR((unused)),
size_t value_len EXT2FS_ATTR((unused)), void *data)
{
char **b = data;
+ size_t name_len = strlen(name);
- strncpy(*b, name, strlen(name));
- *b = *b + strlen(name) + 1;
+ memcpy(*b, name, name_len + 1);
+ *b = *b + name_len + 1;
return 0;
}
--
2.39.0
Powered by blists - more mailing lists