[ulogd2 PATCH 17/26] output: DBI: fix string truncation warnings

netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Jeremy Sowden <jeremy@azazel.net>
To: Netfilter Devel <netfilter-devel@vger.kernel.org>
Subject: [ulogd2 PATCH 17/26] output: DBI: fix string truncation warnings
Date: Sat, 30 Oct 2021 17:44:23 +0100	[thread overview]
Message-ID: <20211030164432.1140896-18-jeremy@azazel.net> (raw)
In-Reply-To: <20211030164432.1140896-1-jeremy@azazel.net>

Replace `strncpy` with `snprintf` and `memcpy`.

Remove intermediate buffer.

Ensure that `dst` is properly initialized if `dbi_conn_quote_string_copy`
returns an error.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
---
 output/dbi/ulogd_output_DBI.c | 46 +++++++++++++++--------------------
 1 file changed, 20 insertions(+), 26 deletions(-)

diff --git a/output/dbi/ulogd_output_DBI.c b/output/dbi/ulogd_output_DBI.c
index 461aed4bddb6..babaf58a9a56 100644
--- a/output/dbi/ulogd_output_DBI.c
+++ b/output/dbi/ulogd_output_DBI.c
@@ -91,15 +91,6 @@ static struct config_keyset dbi_kset = {
 #define dbtype_ce(x)	(x->ces[DB_CE_NUM+6])
 
 
-/* lower-cases s in place */
-static void str_tolower(char *s)
-{
-	while(*s) {
-		*s = tolower(*s);
-		s++;
-	}
-}
-
 /* find out which columns the table has */
 static int get_columns_dbi(struct ulogd_pluginstance *upi)
 {
@@ -139,25 +130,26 @@ static int get_columns_dbi(struct ulogd_pluginstance *upi)
 		return -ENOMEM;
 	}
 
-	for (ui=1; ui<=upi->input.num_keys; ui++) {
-		char buf[ULOGD_MAX_KEYLEN+1];
-		char *underscore;
-		const char* field_name = dbi_result_get_field_name(pi->result, ui);
+	for (ui = 1; ui <= upi->input.num_keys; ui++) {
+		const char *field_name = dbi_result_get_field_name(pi->result, ui);
+		char *cp;
 
 		if (!field_name)
 			break;
 
-		/* replace all underscores with dots */
-		strncpy(buf, field_name, ULOGD_MAX_KEYLEN);
-		while ((underscore = strchr(buf, '_')))
-			*underscore = '.';
+		snprintf(upi->input.keys[ui - 1].name,
+			 sizeof(upi->input.keys[ui - 1].name),
+			 "%s", field_name);
 
-		str_tolower(buf);
+		/* down-case and replace all underscores with dots */
+		for (cp = upi->input.keys[ui - 1].name; *cp; cp++) {
+			if (*cp == '_')
+				*cp = '.';
+			else
+				*cp = tolower(*cp);
+		}
 
-		DEBUGP("field '%s' found: ", buf);
-
-		/* add it to list of input keys */
-		strncpy(upi->input.keys[ui-1].name, buf, ULOGD_MAX_KEYLEN);
+		DEBUGP("field '%s' found: ", upi->input.keys[ui - 1].name);
 	}
 
 	/* ID is a sequence */
@@ -245,18 +237,20 @@ static int escape_string_dbi(struct ulogd_pluginstance *upi,
 	}
 
 	ret = dbi_conn_quote_string_copy(pi->dbh, src, &newstr);
-	if (ret <= 2)
+	if (ret == 0) {
+		*dst = '\0';
 		return 0;
+	}
 
 	/* dbi_conn_quote_string_copy returns a quoted string,
 	 * but __interp_db already quotes the string
 	 * So we return a string without the quotes
 	 */
-	strncpy(dst,newstr+1,ret-2);
-	dst[ret-2] = '\0';
+	memcpy(dst, newstr + 1, ret - 2);
+	dst[ret - 2] = '\0';
 	free(newstr);
 
-	return (ret-2);
+	return ret - 2;
 }
 
 static int execute_dbi(struct ulogd_pluginstance *upi,
-- 
2.33.0

next prev parent reply	other threads:[~2021-10-30 17:10 UTC|newest]

Thread overview: 31+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-10-30 16:44 [ulogd2 PATCH 00/26] Compiler Warning Fixes Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 01/26] include: add format attribute to __ulogd_log declaration Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 02/26] ulog: remove empty log-line Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 03/26] ulog: fix order of log arguments Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 04/26] ulog: correct log specifiers Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 05/26] output: IPFIX: correct format-specifiers Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 06/26] jhash: add "fall through" comments to switch cases Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 07/26] db: add missing `break` to switch-case Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 08/26] filter: HWHDR: replace `switch` with `if` Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 09/26] filter: HWHDR: re-order KEY_RAW_MAC checks Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 10/26] filter: HWHDR: remove zero-initialization of MAC type Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 11/26] Replace malloc+memset with calloc Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 12/26] filter: PWSNIFF: replace malloc+strncpy with strndup Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 13/26] input: UNIXSOCK: stat socket-path first before creating the socket Jeremy Sowden
2021-10-30 17:33   ` Jan Engelhardt
2021-11-06 13:51     ` Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 14/26] input: UNIXSOCK: fix possible truncation of socket path Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 15/26] input: UNIXSOCK: prevent unaligned pointer access Jeremy Sowden
2021-10-30 17:42   ` Jan Engelhardt
2021-11-06 14:13     ` Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 16/26] output: DBI: fix deprecation warnings Jeremy Sowden
2021-10-30 16:44 ` Jeremy Sowden [this message]
2021-10-30 16:44 ` [ulogd2 PATCH 18/26] output: MYSQL: Fix string truncation warning Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 19/26] output: PGSQL: " Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 20/26] output: SQLITE3: Fix string truncation warnings and possible buffer overruns Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 21/26] output: SQLITE3: catch errors creating SQL statement Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 22/26] util: db: fix possible string truncation Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 23/26] output: JSON: fix output of GMT offset Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 24/26] output: JSON: fix printf truncation warnings Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 25/26] output: JSON: optimize appending of newline to output Jeremy Sowden
2021-10-30 16:44 ` [ulogd2 PATCH 26/26] output: JSON: fix possible truncation of socket path Jeremy Sowden

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:461aed4bddb dfblob:babaf58a9a5 )
 OR (
bs:"[ulogd2 PATCH 17/26] output: DBI: fix string truncation warnings" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20211030164432.1140896-18-jeremy@azazel.net \
    --to=jeremy@azazel.net \
    --cc=netfilter-devel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).