Patchwork [01/22] block: avoid buffer overrun by using pstrcpy, not strncpy

Submitter Jim Meyering
Date May 9, 2012, 9:23 a.m.
Message ID <1336555446-20180-2-git-send-email-jim@meyering.net>
Permalink /patch/157990/
State New

Comments

Jim Meyering - May 9, 2012, 9:23 a.m.
From: Jim Meyering <meyering@redhat.com>

Also, use PATH_MAX, rather than the arbitrary 1024.
Using PATH_MAX is more consistent with other filename-related
variables in this file, like backing_filename and tmp_filename.

Signed-off-by: Jim Meyering <meyering@redhat.com>
---
 block.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

Patch

diff --git a/block.c b/block.c
index 43c794c..ddc0f58 100644
--- a/block.c
+++ b/block.c
@@ -1162,7 +1162,7 @@  int bdrv_commit(BlockDriverState *bs)
     int n, ro, open_flags;
     int ret = 0, rw_ret = 0;
     uint8_t *buf;
-    char filename[1024];
+    char filename[PATH_MAX];
     BlockDriverState *bs_rw, *bs_ro;

     if (!drv)
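Review bot: The new `char filename[PATH_MAX];` makes the destination size platform-dependent, and neither the visible lines nor the commit message state the declared size of the source field `bs->backing_hd->filename`. Please add that size to the commit message so a reader can tell whether the later copy can ever truncate, and whether growing this stack array from 1024 to PATH_MAX bytes actually buys anything beyond consistency with `backing_filename` and `tmp_filename`.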
@@ -1182,7 +1182,8 @@  int bdrv_commit(BlockDriverState *bs)

     backing_drv = bs->backing_hd->drv;
     ro = bs->backing_hd->read_only;
-    strncpy(filename, bs->backing_hd->filename, sizeof(filename));
+    /* Use pstrcpy (not strncpy): filename must be NUL-terminated. */
+    pstrcpy(filename, sizeof(filename), bs->backing_hd->filename);
     open_flags =  bs->backing_hd->open_flags;

     if (ro) {
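Review bot: At the `pstrcpy(filename, sizeof(filename), bs->backing_hd->filename);` line, truncation is silent: the copy is now always NUL-terminated, but a source longer than the buffer would leave `filename` holding a shortened path with no error raised. If that cannot happen because the source field is no larger than the destination, say so in the new comment. Otherwise check the source length before copying and fail the commit instead of continuing with a path that may name a different file. It would also help to move the reason for the fix (strncpy leaves the buffer unterminated when the source fills it) into the commit message body, which currently opens with "Also," and never describes the overrun named in the subject.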