From: "Daniel P. Berrangé" <berrange@redhat.com>
To: qemu-devel@nongnu.org
Cc: "Laurent Vivier" <laurent@vivier.eu>,
"Riku Voipio" <riku.voipio@iki.fi>,
"Gerd Hoffmann" <kraxel@redhat.com>,
"Daniel P. Berrangé" <berrange@redhat.com>
Subject: [Qemu-devel] [PATCH v2 2/5] linux-user: avoid string truncation warnings in elf field copying
Date: Fri, 12 Apr 2019 13:16:23 +0100 [thread overview]
Message-ID: <20190412121626.19829-3-berrange@redhat.com> (raw)
In-Reply-To: <20190412121626.19829-1-berrange@redhat.com>
In file included from /usr/include/string.h:494,
from include/qemu/osdep.h:101,
from linux-user/elfload.c:2:
In function ‘strncpy’,
inlined from ‘fill_psinfo’ at linux-user/elfload.c:3208:12,
inlined from ‘fill_note_info’ at linux-user/elfload.c:3390:5,
inlined from ‘elf_core_dump’ at linux-user/elfload.c:3539:9:
/usr/include/bits/string_fortified.h:106:10: warning: ‘__builtin_strncpy’ specified bound 16 equals destination size [-Wstringop-truncation]
106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
We don't require the field to be NUL terminated, so can just
copy the lower of the string length and the target field size
using memcpy.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
linux-user/elfload.c | 10 ++++------
1 file changed, 4 insertions(+), 6 deletions(-)
diff --git a/linux-user/elfload.c b/linux-user/elfload.c
index c1a26021f8..caa060f7b7 100644
--- a/linux-user/elfload.c
+++ b/linux-user/elfload.c
@@ -3180,6 +3180,7 @@ static int fill_psinfo(struct target_elf_prpsinfo *psinfo, const TaskState *ts)
{
char *base_filename;
unsigned int i, len;
+ size_t pathlen;
(void) memset(psinfo, 0, sizeof (*psinfo));
@@ -3201,12 +3202,9 @@ static int fill_psinfo(struct target_elf_prpsinfo *psinfo, const TaskState *ts)
psinfo->pr_gid = getgid();
base_filename = g_path_get_basename(ts->bprm->filename);
- /*
- * Using strncpy here is fine: at max-length,
- * this field is not NUL-terminated.
- */
- (void) strncpy(psinfo->pr_fname, base_filename,
- sizeof(psinfo->pr_fname));
+ pathlen = strlen(base_filename) + 1;
+ pathlen = MIN(pathlen, sizeof(psinfo->pr_fname));
+ memcpy(psinfo->pr_fname, base_filename, pathlen);
g_free(base_filename);
bswap_psinfo(psinfo);
--
2.20.1
WARNING: multiple messages have this Message-ID (diff)
From: "Daniel P. Berrangé" <berrange@redhat.com>
To: qemu-devel@nongnu.org
Cc: Riku Voipio <riku.voipio@iki.fi>,
Laurent Vivier <laurent@vivier.eu>,
Gerd Hoffmann <kraxel@redhat.com>
Subject: [Qemu-devel] [PATCH v2 2/5] linux-user: avoid string truncation warnings in elf field copying
Date: Fri, 12 Apr 2019 13:16:23 +0100 [thread overview]
Message-ID: <20190412121626.19829-3-berrange@redhat.com> (raw)
Message-ID: <20190412121623.1kmN5W3FbqQyxYDNCCJSrFAn4a6-KRbyBFdo7-XVTKE@z> (raw)
In-Reply-To: <20190412121626.19829-1-berrange@redhat.com>
In file included from /usr/include/string.h:494,
from include/qemu/osdep.h:101,
from linux-user/elfload.c:2:
In function ‘strncpy’,
inlined from ‘fill_psinfo’ at linux-user/elfload.c:3208:12,
inlined from ‘fill_note_info’ at linux-user/elfload.c:3390:5,
inlined from ‘elf_core_dump’ at linux-user/elfload.c:3539:9:
/usr/include/bits/string_fortified.h:106:10: warning: ‘__builtin_strncpy’ specified bound 16 equals destination size [-Wstringop-truncation]
106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
We don't require the field to be NUL terminated, so can just
copy the lower of the string length and the target field size
using memcpy.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
linux-user/elfload.c | 10 ++++------
1 file changed, 4 insertions(+), 6 deletions(-)
diff --git a/linux-user/elfload.c b/linux-user/elfload.c
index c1a26021f8..caa060f7b7 100644
--- a/linux-user/elfload.c
+++ b/linux-user/elfload.c
@@ -3180,6 +3180,7 @@ static int fill_psinfo(struct target_elf_prpsinfo *psinfo, const TaskState *ts)
{
char *base_filename;
unsigned int i, len;
+ size_t pathlen;
(void) memset(psinfo, 0, sizeof (*psinfo));
@@ -3201,12 +3202,9 @@ static int fill_psinfo(struct target_elf_prpsinfo *psinfo, const TaskState *ts)
psinfo->pr_gid = getgid();
base_filename = g_path_get_basename(ts->bprm->filename);
- /*
- * Using strncpy here is fine: at max-length,
- * this field is not NUL-terminated.
- */
- (void) strncpy(psinfo->pr_fname, base_filename,
- sizeof(psinfo->pr_fname));
+ pathlen = strlen(base_filename) + 1;
+ pathlen = MIN(pathlen, sizeof(psinfo->pr_fname));
+ memcpy(psinfo->pr_fname, base_filename, pathlen);
g_free(base_filename);
bswap_psinfo(psinfo);
--
2.20.1
next prev parent reply other threads:[~2019-04-12 12:16 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-04-12 12:16 [Qemu-devel] [PATCH v2 0/5] misc set of fixes for warnings under GCC 9 Daniel P. Berrangé
2019-04-12 12:16 ` Daniel P. Berrangé
2019-04-12 12:16 ` [Qemu-devel] [PATCH v2 1/5] linux-user: avoid string truncation warnings in uname field copying Daniel P. Berrangé
2019-04-12 12:16 ` Daniel P. Berrangé
2019-04-12 12:28 ` Laurent Vivier
2019-04-12 12:28 ` Laurent Vivier
2019-04-12 12:16 ` Daniel P. Berrangé [this message]
2019-04-12 12:16 ` [Qemu-devel] [PATCH v2 2/5] linux-user: avoid string truncation warnings in elf " Daniel P. Berrangé
2019-04-12 12:32 ` Laurent Vivier
2019-04-12 12:32 ` Laurent Vivier
2019-04-12 12:16 ` [Qemu-devel] [PATCH v2 3/5] sockets: avoid string truncation warnings when copying UNIX path Daniel P. Berrangé
2019-04-12 12:16 ` Daniel P. Berrangé
2019-05-02 15:45 ` Laurent Vivier
2019-05-02 15:45 ` Laurent Vivier
2019-05-02 15:48 ` Daniel P. Berrangé
2019-05-02 15:48 ` Daniel P. Berrangé
2019-05-02 16:18 ` Laurent Vivier
2019-05-02 16:18 ` Laurent Vivier
2019-04-12 12:16 ` [Qemu-devel] [PATCH v2 4/5] hw/usb: avoid format truncation warning when formatting port name Daniel P. Berrangé
2019-04-12 12:16 ` Daniel P. Berrangé
2019-05-02 6:44 ` Gerd Hoffmann
2019-05-02 6:44 ` Gerd Hoffmann
2019-04-12 12:16 ` [Qemu-devel] [PATCH v2 5/5] qxl: avoid unaligned pointer reads/writes Daniel P. Berrangé
2019-04-12 12:16 ` Daniel P. Berrangé
2019-05-07 7:54 ` Gerd Hoffmann
2019-05-07 8:11 ` Philippe Mathieu-Daudé
2019-05-07 8:53 ` Gerd Hoffmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190412121626.19829-3-berrange@redhat.com \
--to=berrange@redhat.com \
--cc=kraxel@redhat.com \
--cc=laurent@vivier.eu \
--cc=qemu-devel@nongnu.org \
--cc=riku.voipio@iki.fi \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).