Patchwork [07/12] lib: fwts_acpi_tables: use strncpy instead of strcpy

login
register
mail settings
Submitter Colin King
Date Nov. 4, 2012, 10:19 p.m.
Message ID <1352067590-11820-8-git-send-email-colin.king@canonical.com>
Download mbox | patch
Permalink /patch/197105/
State Rejected
Headers show

Comments

Colin King - Nov. 4, 2012, 10:19 p.m.
From: Colin Ian King <colin.king@canonical.com>

Signed-off-by: Colin Ian King <colin.king@canonical.com>
---
 src/lib/src/fwts_acpi_tables.c |   23 ++++++++++++++---------
 1 file changed, 14 insertions(+), 9 deletions(-)

Patch

diff --git a/src/lib/src/fwts_acpi_tables.c b/src/lib/src/fwts_acpi_tables.c
index e225a37..b68e50a 100644
--- a/src/lib/src/fwts_acpi_tables.c
+++ b/src/lib/src/fwts_acpi_tables.c
@@ -322,7 +322,12 @@  static uint32_t fwts_fake_physical_addr(const size_t size)
  *  fwts_acpi_load_table_from_acpidump()
  *	Load an ACPI table from the output of acpidump or fwts --dump
  */
-static uint8_t *fwts_acpi_load_table_from_acpidump(FILE *fp, char *name, uint64_t *addr, size_t *size)
+static uint8_t *fwts_acpi_load_table_from_acpidump(
+	FILE *fp,
+	char *name,
+	const size_t name_len,
+	uint64_t *addr,
+	size_t *size)
 {
 	uint32_t offset;
 	uint8_t  data[16];
@@ -331,7 +336,7 @@  static uint8_t *fwts_acpi_load_table_from_acpidump(FILE *fp, char *name, uint64_
 	char *ptr = buffer;
 	size_t len = 0;
 	unsigned long long table_addr;
-	ptrdiff_t name_len;
+	ptrdiff_t table_name_len;
 
 	*size = 0;
 
@@ -347,26 +352,26 @@  static uint8_t *fwts_acpi_load_table_from_acpidump(FILE *fp, char *name, uint64_
 	if (ptr == NULL)
 		return NULL; /* Can't find table name */
 
-	name_len = ptr - buffer;
+	table_name_len = ptr - buffer;
 	/*
 	 * We should have no more than the table name (4..5 chars)
 	 * plus a space left between the start of the buffer and
 	 * the @ sign.  If we have more then something is wrong with
 	 * the data. So just ignore this garbage as we don't want to
-	 * overflow the name on the following strcpy()
+	 * overflow the name on the following strncpy()
 	 */
-	if ((name_len > 6) || (name_len < 5))
+	if ((table_name_len > 6) || (table_name_len < 5))
 		return NULL; /* Name way too long or too short */
 
 	if (sscanf(ptr, "@ 0x%Lx\n", &table_addr) < 1)
 		return NULL; /* Can't parse address */
 
 	*(ptr-1) = '\0';
-	strcpy(name, buffer);
+	strncpy(name, buffer, name_len);
 
 	/* In fwts RSD PTR is known as the RSDP */
 	if (strncmp(name, "RSD PTR", 7) == 0)
-		strcpy(name, "RSDP");
+		strncpy(name, "RSDP", name_len);
 
 	/* Pull in 16 bytes at a time */
 	while (fgets(buffer, sizeof(buffer), fp) ) {
@@ -417,7 +422,7 @@  static int fwts_acpi_load_tables_from_acpidump(fwts_framework *fw)
 		size_t length;
 		char name[16];
 
-		if ((table = fwts_acpi_load_table_from_acpidump(fp, name, &addr, &length)) != NULL)
+		if ((table = fwts_acpi_load_table_from_acpidump(fp, name, sizeof(name), &addr, &length)) != NULL)
 			fwts_acpi_add_table(name, table, addr, length, FWTS_ACPI_TABLE_FROM_FILE);
 	}
 
@@ -495,7 +500,7 @@  static int fwts_acpi_load_tables_from_file(fwts_framework *fw)
 
 					if (!strncmp(rsdp->signature, "RSD PTR ", 8)) {
 						/* In fwts, RSD PTR is tagged as the RSDP */
-						strcpy(name, "RSDP");
+						strncpy(name, "RSDP", sizeof(name));
 					} else {
 						/* Assume it is a standard ACPI table */
 						fwts_acpi_table_header *hdr = (fwts_acpi_table_header *)table;