Re: [PATCH 6/7] libxc: Fix misleading use of strncpy code in build_hvm_info()

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Jennifer Herbert <Jennifer.Herbert@citrix.com>, xen-devel@lists.xen.org
Cc: ian.jackson@eu.citrix.com, wei.liu2@citrix.com,
	ian.campbell@citrix.com, stefano.stabellini@eu.citrix.com
Subject: Re: [PATCH 6/7] libxc: Fix misleading use of strncpy code in build_hvm_info()
Date: Fri, 3 Jul 2015 15:41:49 +0100	[thread overview]
Message-ID: <55969F2D.7050404@citrix.com> (raw)
In-Reply-To: <1435772232-39085-7-git-send-email-Jennifer.Herbert@citrix.com>

On 01/07/15 18:37, Jennifer Herbert wrote:
> hvm_info->signature is not a string, but an 64 bit int, and is not
> NULL terminated.  The use of strncpy to populate it is inappropriate and
> potentially misleading.  A cursory glance might have you thinking someone
> had miscounted the length of the string literal - not realising it was
> intentionally cropping of the null termination.
> Also, since we wish to initialise all of hvm_info->signature, and
> certainly no more, the use of sizeof is safer.
>
> Signed-off-by: Jennifer Herbert <jennifer.herbert@citrix.com>

Coverity-ID: 1198710

~Andrew

> ---
>  tools/libxc/xc_hvm_build_x86.c |    2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/tools/libxc/xc_hvm_build_x86.c b/tools/libxc/xc_hvm_build_x86.c
> index 003ea06..ec5ef4d 100644
> --- a/tools/libxc/xc_hvm_build_x86.c
> +++ b/tools/libxc/xc_hvm_build_x86.c
> @@ -99,7 +99,7 @@ static void build_hvm_info(void *hvm_info_page,
>      memset(hvm_info_page, 0, PAGE_SIZE);
>  
>      /* Fill in the header. */
> -    strncpy(hvm_info->signature, "HVM INFO", 8);
> +    memcpy(hvm_info->signature, "HVM INFO", sizeof(hvm_info->signature));
>      hvm_info->length = sizeof(struct hvm_info_table);
>  
>      /* Sensible defaults: these can be overridden by the caller. */

next prev parent reply	other threads:[~2015-07-03 14:41 UTC|newest]

Thread overview: 40+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-07-01 17:37 [PATCH 0/7] libxc: Fix a number of coverity issues Jennifer Herbert
2015-07-01 17:37 ` [PATCH 1/7] libxc: fix uninitialized variable in xc_cpuid_pv_policy() Jennifer Herbert
2015-07-02 13:19   ` Andrew Cooper
2015-07-03 14:39   ` Andrew Cooper
2015-07-03 15:15   ` Ian Jackson
2015-07-03 15:39     ` Ian Campbell
2015-07-03 15:47       ` Ian Jackson
2015-07-03 15:50         ` Ian Campbell
2015-07-03 15:57           ` Andrew Cooper
2015-07-01 17:37 ` [PATCH 2/7] libxc: Use const pointer in local_file_dump() Jennifer Herbert
2015-07-03 15:27   ` Ian Jackson
2015-07-07 12:16     ` Jennifer Herbert
2015-07-07 12:15       ` Ian Jackson
2015-07-01 17:37 ` [PATCH 3/7] libxc: Fix uninitialized valiables in xc_cpuid_hvm_policy() Jennifer Herbert
2015-07-03 15:30   ` Ian Jackson
2015-07-01 17:37 ` [PATCH 4/7] libxc: Prevent dereferencing NULL pointers returned from xc_dom_allocate() Jennifer Herbert
2015-07-03 15:17   ` Ian Jackson
2015-07-03 16:01     ` Ian Campbell
2015-07-01 17:37 ` [PATCH 5/7] libxc: Removing dead code " Jennifer Herbert
2015-07-03 14:41   ` Andrew Cooper
2015-07-03 15:24   ` Ian Jackson
2015-07-03 15:31     ` Ian Campbell
2015-07-03 15:33       ` Ian Jackson
2015-07-03 15:46         ` Ian Campbell
2015-07-03 15:48           ` Ian Jackson
2015-07-01 17:37 ` [PATCH 6/7] libxc: Fix misleading use of strncpy code in build_hvm_info() Jennifer Herbert
2015-07-03 14:41   ` Andrew Cooper [this message]
2015-07-03 15:25   ` Ian Jackson
2015-07-03 16:01     ` Ian Campbell
2015-07-01 17:37 ` [PATCH 7/7] libxc: Prevent NULL pointer dereference in stdiostream_vmessage() Jennifer Herbert
2015-07-03 15:29   ` Ian Jackson
2015-07-03 15:37     ` Ian Campbell
2015-07-03 15:44       ` Ian Jackson
2015-07-02 13:23 ` [PATCH 0/7] libxc: Fix a number of coverity issues Andrew Cooper
2015-07-03 14:21   ` Ian Campbell
2015-07-03 14:20 ` Ian Campbell
2015-07-03 14:22   ` Andrew Cooper
2015-07-03 14:42     ` Ian Campbell
2015-07-03 14:49       ` Andrew Cooper
2015-07-03 15:13 ` Ian Jackson

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=55969F2D.7050404@citrix.com \
    --to=andrew.cooper3@citrix.com \
    --cc=Jennifer.Herbert@citrix.com \
    --cc=ian.campbell@citrix.com \
    --cc=ian.jackson@eu.citrix.com \
    --cc=stefano.stabellini@eu.citrix.com \
    --cc=wei.liu2@citrix.com \
    --cc=xen-devel@lists.xen.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.