* re: target: target_core_transport.c: Cleaning up missing null-terminate in conjunction with strncpy
@ 2014-09-03 9:57 ` Dan Carpenter
0 siblings, 0 replies; 2+ messages in thread
From: Dan Carpenter @ 2014-09-03 9:57 UTC (permalink / raw)
To: rickard_strandqvist, Nicholas Bellinger
Cc: target-devel, Joe Perches, Kees Cook, Andrew Morton, linux-kernel,
kernel-janitors
The patch 6cfa853ceee4: "target: target_core_transport.c: Cleaning up
missing null-terminate in conjunction with strncpy" from Aug 3, 2014,
leads to the following static checker warning:
drivers/target/target_core_transport.c:956 transport_dump_vpd_ident_type()
error: potentially dereferencing uninitialized 'len'.
drivers/target/target_core_transport.c
955 default:
956 len = strlen(len);
^^^^^^^^^^^^^^^^^
This was obviously supposed to be strlen(buf) and no one compile tested
it... But the patch is called "missing null-terminate" when actually
the original code was fine as far as I can see.
Apparently, as a safety measure we're trying to replace every strncpy()
with:
strncpy(foo, bar, sizeof(foo));
foo[sizeof(foo) - 1] = '\0';
We should have a function for this. We used to use strlcpy() but people
complained that it could read beyond the end of the src string. Also it
doesn't pad the string with zeros. So now we're open coding NUL
terminators everywhere so the code is easier to audit.
That sucks and makes the code messier.
Rickard, please, let's find a cleaner way to do this.
regards,
dan carpenter
^ permalink raw reply [flat|nested] 2+ messages in thread
* re: target: target_core_transport.c: Cleaning up missing null-terminate in conjunction with strncpy
@ 2014-09-03 9:57 ` Dan Carpenter
0 siblings, 0 replies; 2+ messages in thread
From: Dan Carpenter @ 2014-09-03 9:57 UTC (permalink / raw)
To: rickard_strandqvist, Nicholas Bellinger
Cc: target-devel, Joe Perches, Kees Cook, Andrew Morton, linux-kernel,
kernel-janitors
The patch 6cfa853ceee4: "target: target_core_transport.c: Cleaning up
missing null-terminate in conjunction with strncpy" from Aug 3, 2014,
leads to the following static checker warning:
drivers/target/target_core_transport.c:956 transport_dump_vpd_ident_type()
error: potentially dereferencing uninitialized 'len'.
drivers/target/target_core_transport.c
955 default:
956 len = strlen(len);
^^^^^^^^^^^^^^^^^
This was obviously supposed to be strlen(buf) and no one compile tested
it... But the patch is called "missing null-terminate" when actually
the original code was fine as far as I can see.
Apparently, as a safety measure we're trying to replace every strncpy()
with:
strncpy(foo, bar, sizeof(foo));
foo[sizeof(foo) - 1] = '\0';
We should have a function for this. We used to use strlcpy() but people
complained that it could read beyond the end of the src string. Also it
doesn't pad the string with zeros. So now we're open coding NUL
terminators everywhere so the code is easier to audit.
That sucks and makes the code messier.
Rickard, please, let's find a cleaner way to do this.
regards,
dan carpenter
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2014-09-03 9:58 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-09-03 9:57 target: target_core_transport.c: Cleaning up missing null-terminate in conjunction with strncpy Dan Carpenter
2014-09-03 9:57 ` Dan Carpenter
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.