Re: [Patch] Zoran strncpy() cleanup

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: Horst Schirmeier <horst@schirmeier.com>
To: Eric Sesterhenn <snakebyte@gmx.de>
Cc: LKML <linux-kernel@vger.kernel.org>, bdirks@pacbell.net
Subject: Re: [Patch] Zoran strncpy() cleanup
Date: Mon, 5 Jun 2006 23:36:45 +0200	[thread overview]
Message-ID: <20060605213645.GO7236@quickstop.soohrt.org> (raw)
In-Reply-To: <1149542155.17537.3.camel@alice>

On Mon, 05 Jun 2006, Eric Sesterhenn wrote:
> On Mon, 2006-06-05 at 23:02 +0200, Horst Schirmeier wrote:
> > On Mon, 05 Jun 2006, Eric Sesterhenn wrote:
> > > hi,
> > > 
> > > this was spotted by coverity ( bug id #536 ). While
> > > it is not really a bug, i think we should clean it up.
> > > std->name can only hold 24 chars, not 32 as the strncpy() calls
> > > suggest. std->name can hold 32 chars, but since we use constant
> > > fixed-sized strings, which will always fit into these arrays, i changed
> > > the strncpy() calls to strcpy(). If you prefer strncpy(foo->name, "bar", sizeof(foo->name))
> > > please let me know and i redo the patch.
> > > 
> > > Signed-off-by: Eric Sesterhenn <snakebyte@gmx.de>
> > 
> > This _is_ really a bug. strncpy() pads the remaining bytes of dest with
> > zeroes, which destroys parts of the v4l2_standard structure (in
> > particular, the v4l2_fract substructure). I'd suggest not to use
> > strcpy() although it's safe here -- until someone changes the structure
> > sizes.
> 
> Thanks for the fast reply, here is an updated version.
> This patch changes all strncpy() calls to use sizeof(foo)-1 as the
> last parameter.

Problem is, the strings are (possibly) still not zero-terminated:
strncpy() only appends zeroes if src contents are short enough; if they
are not, dest is only zero-terminated if dest[sizeof(dest)-1] was zero
before.
strlcpy() semantics promise more sanity; dest is always zero-terminated
(if its size is >= 1), and the size parameter holds total dest size.
(See lib/string.c for more details.)

Kind regards,
 Horst

-- 
PGP-Key 0xD40E0E7A

next prev parent reply	other threads:[~2006-06-05 21:36 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2006-06-05 20:12 [Patch] Zoran strncpy() cleanup Eric Sesterhenn
2006-06-05 21:02 ` Horst Schirmeier
2006-06-05 21:15   ` Eric Sesterhenn
2006-06-05 21:36     ` Horst Schirmeier [this message]
2006-06-05 21:46       ` Eric Sesterhenn
2006-06-05 22:01         ` Horst Schirmeier

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20060605213645.GO7236@quickstop.soohrt.org \
    --to=horst@schirmeier.com \
    --cc=bdirks@pacbell.net \
    --cc=linux-kernel@vger.kernel.org \
    --cc=snakebyte@gmx.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox