[03/22] vmdk: relative_path: avoid buffer overrun

Message ID	87y5p1zhbv.fsf@rho.meyering.net
State	New
Headers	show Return-Path: <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org> From: Jim Meyering <jim@meyering.net> To: Kevin Wolf <kwolf@redhat.com> In-Reply-To: <4FAA3ECA.4010901@redhat.com> (Kevin Wolf's message of "Wed, 09 May 2012 11:54:18 +0200") References: <1336555446-20180-1-git-send-email-jim@meyering.net> <1336555446-20180-4-git-send-email-jim@meyering.net> <4FAA3ECA.4010901@redhat.com> Date: Wed, 09 May 2012 14:09:40 +0200 Message-ID: <87y5p1zhbv.fsf@rho.meyering.net> Lines: 61 MIME-Version: 1.0 Content-Type: text/plain Cc: qemu-devel@nongnu.org Subject: Re: [Qemu-devel] [PATCH 03/22] vmdk: relative_path: avoid buffer overrun Precedence: list Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org

Message ID

87y5p1zhbv.fsf@rho.meyering.net

State

New

Headers

From: Jim Meyering <jim@meyering.net>
To: Kevin Wolf <kwolf@redhat.com>
In-Reply-To: <4FAA3ECA.4010901@redhat.com> (Kevin Wolf's message of "Wed, 09
	May 2012 11:54:18 +0200")
References: <1336555446-20180-1-git-send-email-jim@meyering.net>
	<1336555446-20180-4-git-send-email-jim@meyering.net>
	<4FAA3ECA.4010901@redhat.com>
Date: Wed, 09 May 2012 14:09:40 +0200
Message-ID: <87y5p1zhbv.fsf@rho.meyering.net>
Lines: 61
MIME-Version: 1.0
Content-Type: text/plain
Cc: qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] [PATCH 03/22] vmdk: relative_path: avoid buffer
	overrun
Precedence: list
Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org
Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org

Commit Message

Jim Meyering May 9, 2012, 12:09 p.m. UTC

Kevin Wolf wrote:
> Am 09.05.2012 11:23, schrieb Jim Meyering:
>> From: Jim Meyering <meyering@redhat.com>
>>
>> strncpy does not guarantee NUL-termination.
>> Setting dest[n-1] = '\0' *before* calling strncpy(dest, src, n-1)
>> is a no-op.  Use pstrcpy to ensure NUL-termination, not strncpy.
>
> It's not, it would only be a no-op before strncpy(dest, src, n). But
> pstrcpy() is definitely nicer.
>
>> Signed-off-by: Jim Meyering <meyering@redhat.com>
>> ---
>>  block/vmdk.c | 3 +--
>>  1 file changed, 1 insertion(+), 2 deletions(-)
>>
>> diff --git a/block/vmdk.c b/block/vmdk.c
>> index 18e9b4c..045e279 100644
>> --- a/block/vmdk.c
>> +++ b/block/vmdk.c
>> @@ -1319,8 +1319,7 @@ static int relative_path(char *dest, int dest_size,
>>          return -1;
>>      }
>>      if (path_is_absolute(target)) {
>> -        dest[dest_size - 1] = '\0';
>> -        strncpy(dest, target, dest_size - 1);
>> +        pstrcpy(dest, dest_size - 1, target);
>
> I think you mean pstrcpy(dest, dest_size, target).

Good points.  Thanks for the review.
Here's the corrected commit:

From 78a367d846c95e84fddc971cbae544f24bc3455f Mon Sep 17 00:00:00 2001
From: Jim Meyering <meyering@redhat.com>
Date: Mon, 7 May 2012 12:46:02 +0200
Subject: [PATCH] vmdk: relative_path: use pstrcpy in place of strncpy

Avoid strncpy+manual-NUL-terminate.  Use pstrcpy instead.

Signed-off-by: Jim Meyering <meyering@redhat.com>
---
 block/vmdk.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

--
1.7.10.1.487.ga3935e6

diff --git a/block/vmdk.c b/block/vmdk.c
index 18e9b4c..bfd7357 100644
--- a/block/vmdk.c
+++ b/block/vmdk.c
@@ -1319,8 +1319,7 @@  static int relative_path(char *dest, int dest_size,
         return -1;
     }
     if (path_is_absolute(target)) {
-        dest[dest_size - 1] = '\0';
-        strncpy(dest, target, dest_size - 1);
+        pstrcpy(dest, dest_size, target);
         return 0;
     }
     while (base[i] == target[i]) {

[03/22] vmdk: relative_path: avoid buffer overrun

Commit Message

Patch