* [PATCH] ia32: strncpy does not null terminate string
@ 2009-07-17 12:58 Roel Kluin
2009-07-17 14:19 ` Roel Kluin
2009-07-21 18:27 ` H. Peter Anvin
0 siblings, 2 replies; 3+ messages in thread
From: Roel Kluin @ 2009-07-17 12:58 UTC (permalink / raw)
To: mingo, LKML, Andrew Morton
With `sizeof(lastcomm) - 1` strncpy() will null terminate the string.
Signed-off-by: Roel Kluin <roel.kluin@gmail.com>
---
To test this:
#include <stdio.h>
#include <string.h>
char a[10];
char b[10];
int main()
{
const char* str = "0123456789012";
strncpy(a, str, sizeof(a));
strncpy(b, str, sizeof(b) - 1);
printf("String a was %s, b was %s\n", a, b);
return 0;
}
Output:
String a was 0123456789012345678, b was 012345678
diff --git a/arch/x86/ia32/sys_ia32.c b/arch/x86/ia32/sys_ia32.c
index 085a8c3..b114f57 100644
--- a/arch/x86/ia32/sys_ia32.c
+++ b/arch/x86/ia32/sys_ia32.c
@@ -687,7 +687,7 @@ long sys32_vm86_warning(void)
compat_printk(KERN_INFO
"%s: vm86 mode not supported on 64 bit kernel\n",
me->comm);
- strncpy(lastcomm, me->comm, sizeof(lastcomm));
+ strncpy(lastcomm, me->comm, sizeof(lastcomm) - 1);
}
return -ENOSYS;
}
^ permalink raw reply related [flat|nested] 3+ messages in thread* Re: [PATCH] ia32: strncpy does not null terminate string
2009-07-17 12:58 [PATCH] ia32: strncpy does not null terminate string Roel Kluin
@ 2009-07-17 14:19 ` Roel Kluin
2009-07-21 18:27 ` H. Peter Anvin
1 sibling, 0 replies; 3+ messages in thread
From: Roel Kluin @ 2009-07-17 14:19 UTC (permalink / raw)
To: Bernd Petrovitsch; +Cc: mingo, LKML, Andrew Morton
strlcpy() will always null terminate the string.
Signed-off-by: Roel Kluin <roel.kluin@gmail.com>
---
> The proof is flawed: Global variables are automatically '\0'
> initialized.
Hmm, I see, how about using strlcpy instead?
diff --git a/arch/x86/ia32/sys_ia32.c b/arch/x86/ia32/sys_ia32.c
index 085a8c3..528972f 100644
--- a/arch/x86/ia32/sys_ia32.c
+++ b/arch/x86/ia32/sys_ia32.c
@@ -687,7 +687,7 @@ long sys32_vm86_warning(void)
compat_printk(KERN_INFO
"%s: vm86 mode not supported on 64 bit kernel\n",
me->comm);
- strncpy(lastcomm, me->comm, sizeof(lastcomm));
+ strlcpy(lastcomm, me->comm, sizeof(lastcomm));
}
return -ENOSYS;
}
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] ia32: strncpy does not null terminate string
2009-07-17 12:58 [PATCH] ia32: strncpy does not null terminate string Roel Kluin
2009-07-17 14:19 ` Roel Kluin
@ 2009-07-21 18:27 ` H. Peter Anvin
1 sibling, 0 replies; 3+ messages in thread
From: H. Peter Anvin @ 2009-07-21 18:27 UTC (permalink / raw)
To: Roel Kluin; +Cc: mingo, LKML, Andrew Morton
Roel Kluin wrote:
>
> diff --git a/arch/x86/ia32/sys_ia32.c b/arch/x86/ia32/sys_ia32.c
> index 085a8c3..b114f57 100644
> --- a/arch/x86/ia32/sys_ia32.c
> +++ b/arch/x86/ia32/sys_ia32.c
> @@ -687,7 +687,7 @@ long sys32_vm86_warning(void)
> compat_printk(KERN_INFO
> "%s: vm86 mode not supported on 64 bit kernel\n",
> me->comm);
> - strncpy(lastcomm, me->comm, sizeof(lastcomm));
> + strncpy(lastcomm, me->comm, sizeof(lastcomm) - 1);
> }
> return -ENOSYS;
> }
I don't see any problem with the code as written. It is of course
correct that strncpy() doesn't null-terminate (it null-pads, which is
somewhat inefficient, but has info leak advantages), *however*, the only
user (it's a local static variable) uses strncpy(), so that's fine.
It probably could be done cleaner, but there is no actual bug, so I
personally don't see any reason to change it just in the interest of
avoiding churn.
-hpa
--
H. Peter Anvin, Intel Open Source Technology Center
I work for Intel. I don't speak on their behalf.
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2009-07-21 18:28 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-07-17 12:58 [PATCH] ia32: strncpy does not null terminate string Roel Kluin
2009-07-17 14:19 ` Roel Kluin
2009-07-21 18:27 ` H. Peter Anvin
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox