| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 29 May 2018 18:59:41 -0700
From: Nick Desaulniers <nick.desaulniers@...il.com>
To: "Theodore Ts'o" <tytso@....edu>, adilger.kernel@...ger.ca
Cc: Nick Desaulniers <nick.desaulniers@...il.com>,
linux-ext4@...r.kernel.org,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
ebiggers@...gle.com
Subject: Re: [PATCH] ext4: prefer strlcpy to strncpy
On Mon, May 28, 2018 at 11:21 PM, Nick Desaulniers
<nick.desaulniers@...il.com> wrote:
> Fixes a stringop-truncation warning from gcc-8.
>
> Signed-off-by: Nick Desaulniers <nick.desaulniers@...il.com>
> ---
> fs/ext4/super.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/fs/ext4/super.c b/fs/ext4/super.c
> index eb104e8..d47c85f 100644
> --- a/fs/ext4/super.c
> +++ b/fs/ext4/super.c
> @@ -323,11 +323,11 @@ static void __save_error_info(struct super_block *sb, const char *func,
> return;
> es->s_state |= cpu_to_le16(EXT4_ERROR_FS);
> es->s_last_error_time = cpu_to_le32(get_seconds());
> - strncpy(es->s_last_error_func, func, sizeof(es->s_last_error_func));
> + strlcpy(es->s_last_error_func, func, sizeof(es->s_last_error_func));
> es->s_last_error_line = cpu_to_le32(line);
> if (!es->s_first_error_time) {
> es->s_first_error_time = es->s_last_error_time;
> - strncpy(es->s_first_error_func, func,
> + strlcpy(es->s_first_error_func, func,
> sizeof(es->s_first_error_func));
> es->s_first_error_line = cpu_to_le32(line);
> es->s_first_error_ino = es->s_last_error_ino;
> --
> 2.7.4
>
Eric points out this will leave the rest of dest uninitialized if size
is less than length of src.
Powered by blists - more mailing lists