| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 2 Jul 2018 00:10:23 +0200
From: Samuel Thibault <samuel.thibault@...-lyon.org>
To: Guenter Roeck <linux@...ck-us.net>
Cc: Chris Brannon <chris@...-brannons.com>, devel@...verdev.osuosl.org,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Kirk Reiser <kirk@...sers.ca>, linux-kernel@...r.kernel.org,
speakup@...ux-speakup.org, William Hubbs <w.d.hubbs@...il.com>
Subject: Re: [PATCH] staging: speakup: Replace strncpy with memcpy
Guenter Roeck, le dim. 01 juil. 2018 13:57:24 -0700, a ecrit:
> gcc 8.1.0 generates the following warnings.
>
> drivers/staging/speakup/kobjects.c: In function 'punc_store':
> drivers/staging/speakup/kobjects.c:522:2: warning:
> 'strncpy' output truncated before terminating nul
> copying as many bytes from a string as its length
> drivers/staging/speakup/kobjects.c:504:6: note: length computed here
>
> drivers/staging/speakup/kobjects.c: In function 'synth_store':
> drivers/staging/speakup/kobjects.c:391:2: warning:
> 'strncpy' output truncated before terminating nul
> copying as many bytes from a string as its length
> drivers/staging/speakup/kobjects.c:388:8: note: length computed here
>
> Using strncpy() is indeed less than perfect since the length of data to
> be copied has already been determined with strlen(). Replace strncpy()
> with memcpy() to address the warning and optimize the code a little.
>
> Signed-off-by: Guenter Roeck <linux@...ck-us.net>
Reviewed-by: Samuel Thibault <samuel.thibault@...-lyon.org>
> ---
> drivers/staging/speakup/kobjects.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/staging/speakup/kobjects.c b/drivers/staging/speakup/kobjects.c
> index f1f90222186b..08f11cc17371 100644
> --- a/drivers/staging/speakup/kobjects.c
> +++ b/drivers/staging/speakup/kobjects.c
> @@ -388,7 +388,7 @@ static ssize_t synth_store(struct kobject *kobj, struct kobj_attribute *attr,
> len = strlen(buf);
> if (len < 2 || len > 9)
> return -EINVAL;
> - strncpy(new_synth_name, buf, len);
> + memcpy(new_synth_name, buf, len);
> if (new_synth_name[len - 1] == '\n')
> len--;
> new_synth_name[len] = '\0';
> @@ -519,7 +519,7 @@ static ssize_t punc_store(struct kobject *kobj, struct kobj_attribute *attr,
> return -EINVAL;
> }
>
> - strncpy(punc_buf, buf, x);
> + memcpy(punc_buf, buf, x);
>
> while (x && punc_buf[x - 1] == '\n')
> x--;
> --
> 2.7.4
>
--
Samuel
Tu as lu les docs. Tu es devenu un informaticien. Que tu le veuilles
ou non. Lire la doc, c'est le Premier et Unique Commandement de
l'informaticien.
-+- TP in: Guide du Linuxien pervers - "L'évangile selon St Thomas"
Powered by blists - more mailing lists