| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 29 Jan 2024 15:15:14 +0100
From: Rodrigo Campos <rodrigo@...g.com.ar>
To: Willy Tarreau <w@....eu>,
Thomas Weißschuh <linux@...ssschuh.net>
Cc: linux-kernel@...r.kernel.org,
Rodrigo Campos <rodrigo@...g.com.ar>
Subject: [PATCH 2/4] tools/nolibc: Fix strlcat() return code and size usage
The return code should always be strlen(src) + strlen(dst), but dst is
considered shorter if size is less than strlen(dst).
While we are there, make sure to copy at most size-1 bytes and
null-terminate the dst buffer.
Signed-off-by: Rodrigo Campos <rodrigo@...g.com.ar>
---
tools/include/nolibc/string.h | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/tools/include/nolibc/string.h b/tools/include/nolibc/string.h
index ed15c22b1b2a..b2149e1342a8 100644
--- a/tools/include/nolibc/string.h
+++ b/tools/include/nolibc/string.h
@@ -187,23 +187,23 @@ char *strndup(const char *str, size_t maxlen)
static __attribute__((unused))
size_t strlcat(char *dst, const char *src, size_t size)
{
- size_t len;
char c;
+ size_t len = strlen(dst);
+ size_t ret = strlen(src) + (size < len? size: len);
- for (len = 0; dst[len]; len++)
- ;
-
- for (;;) {
+ for (;len < size;) {
c = *src;
- if (len < size)
+ if (len < size - 1)
dst[len] = c;
+ if (len == size - 1)
+ dst[len] = '\0';
if (!c)
break;
len++;
src++;
}
- return len;
+ return ret;
}
static __attribute__((unused))
--
2.43.0
Powered by blists - more mailing lists