Patchwork lib: fwts_framework: ensure we don't truncate null names

login
register
mail settings
Submitter Colin King
Date May 7, 2013, 9:10 a.m.
Message ID <1367917825-18781-1-git-send-email-colin.king@canonical.com>
Download mbox | patch
Permalink /patch/242084/
State Accepted
Headers show

Comments

Colin King - May 7, 2013, 9:10 a.m.
From: Colin Ian King <colin.king@canonical.com>

Coverity CID #997295: Dereference after null check

minor_test->name may be null, so the call
fwts_framework_strtrunc(namebuf, minor_test->name, sizeof(namebuf))
can cause problems.  Make fwts_framework_strtrunc handle null strings.

Signed-off-by: Colin Ian King <colin.king@canonical.com>
---
 src/lib/src/fwts_framework.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
Alex Hung - May 9, 2013, 5:47 a.m.
On 05/07/2013 05:10 PM, Colin King wrote:
> From: Colin Ian King <colin.king@canonical.com>
>
> Coverity CID #997295: Dereference after null check
>
> minor_test->name may be null, so the call
> fwts_framework_strtrunc(namebuf, minor_test->name, sizeof(namebuf))
> can cause problems.  Make fwts_framework_strtrunc handle null strings.
>
> Signed-off-by: Colin Ian King <colin.king@canonical.com>
> ---
>   src/lib/src/fwts_framework.c | 5 ++++-
>   1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/src/lib/src/fwts_framework.c b/src/lib/src/fwts_framework.c
> index 857b54e..adb46c8 100644
> --- a/src/lib/src/fwts_framework.c
> +++ b/src/lib/src/fwts_framework.c
> @@ -291,7 +291,10 @@ static void fwts_framework_show_tests(fwts_framework *fw, bool full)
>    */
>   static void fwts_framework_strtrunc(char *dest, const char *src, size_t max)
>   {
> -	strncpy(dest, src, max);
> +	if (src)
> +		strncpy(dest, src, max);
> +	else
> +		strncpy(dest, "", max);
>
>   	if ((strlen(src) > max) && (max > 3)) {
>   		dest[max-1] = 0;
>
Acked-by: Alex Hung <alex.hung@canonical.com>
Keng-Yu Lin - May 20, 2013, 7:37 a.m.
On Tue, May 7, 2013 at 5:10 PM, Colin King <colin.king@canonical.com> wrote:
> From: Colin Ian King <colin.king@canonical.com>
>
> Coverity CID #997295: Dereference after null check
>
> minor_test->name may be null, so the call
> fwts_framework_strtrunc(namebuf, minor_test->name, sizeof(namebuf))
> can cause problems.  Make fwts_framework_strtrunc handle null strings.
>
> Signed-off-by: Colin Ian King <colin.king@canonical.com>
> ---
>  src/lib/src/fwts_framework.c | 5 ++++-
>  1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/src/lib/src/fwts_framework.c b/src/lib/src/fwts_framework.c
> index 857b54e..adb46c8 100644
> --- a/src/lib/src/fwts_framework.c
> +++ b/src/lib/src/fwts_framework.c
> @@ -291,7 +291,10 @@ static void fwts_framework_show_tests(fwts_framework *fw, bool full)
>   */
>  static void fwts_framework_strtrunc(char *dest, const char *src, size_t max)
>  {
> -       strncpy(dest, src, max);
> +       if (src)
> +               strncpy(dest, src, max);
> +       else
> +               strncpy(dest, "", max);
>
>         if ((strlen(src) > max) && (max > 3)) {
>                 dest[max-1] = 0;
> --
> 1.8.1.2
>
Acked-by: Keng-Yu Lin <kengyu@canonical.com>

Patch

diff --git a/src/lib/src/fwts_framework.c b/src/lib/src/fwts_framework.c
index 857b54e..adb46c8 100644
--- a/src/lib/src/fwts_framework.c
+++ b/src/lib/src/fwts_framework.c
@@ -291,7 +291,10 @@  static void fwts_framework_show_tests(fwts_framework *fw, bool full)
  */
 static void fwts_framework_strtrunc(char *dest, const char *src, size_t max)
 {
-	strncpy(dest, src, max);
+	if (src)
+		strncpy(dest, src, max);
+	else
+		strncpy(dest, "", max);
 
 	if ((strlen(src) > max) && (max > 3)) {
 		dest[max-1] = 0;