Re: [Patch] Zoran strncpy() cleanup

[Horst Schirmeier]

On Mon, 05 Jun 2006, Eric Sesterhenn wrote:
> On Mon, 2006-06-05 at 23:02 +0200, Horst Schirmeier wrote:
> > On Mon, 05 Jun 2006, Eric Sesterhenn wrote:
> > > hi,
> > > 
> > > this was spotted by coverity ( bug id #536 ). While
> > > it is not really a bug, i think we should clean it up.
> > > std->name can only hold 24 chars, not 32 as the strncpy() calls
> > > suggest. std->name can hold 32 chars, but since we use constant
> > > fixed-sized strings, which will always fit into these arrays, i changed
> > > the strncpy() calls to strcpy(). If you prefer strncpy(foo->name, "bar", sizeof(foo->name))
> > > please let me know and i redo the patch.
> > > 
> > > Signed-off-by: Eric Sesterhenn <snakebyte@xxxxxx>
> > 
> > This _is_ really a bug. strncpy() pads the remaining bytes of dest with
> > zeroes, which destroys parts of the v4l2_standard structure (in
> > particular, the v4l2_fract substructure). I'd suggest not to use
> > strcpy() although it's safe here -- until someone changes the structure
> > sizes.
> 
> Thanks for the fast reply, here is an updated version.
> This patch changes all strncpy() calls to use sizeof(foo)-1 as the
> last parameter.

Problem is, the strings are (possibly) still not zero-terminated:
strncpy() only appends zeroes if src contents are short enough; if they
are not, dest is only zero-terminated if dest[sizeof(dest)-1] was zero
before.
strlcpy() semantics promise more sanity; dest is always zero-terminated
(if its size is >= 1), and the size parameter holds total dest size.
(See lib/string.c for more details.)

Kind regards,
 Horst

-- 
PGP-Key 0xD40E0E7A
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/