From: Sven Eckelmann <sven@narfation.org>
To: b.a.t.m.a.n@lists.open-mesh.org
Cc: Sven Eckelmann <sven@narfation.org>
Subject: [B.A.T.M.A.N.] [PATCH 3/6] batctl: Use strncpy instead of strcpy for string copy
Date: Sat, 24 May 2014 14:16:41 +0200 [thread overview]
Message-ID: <1400933804-9661-3-git-send-email-sven@narfation.org> (raw)
In-Reply-To: <1400933804-9661-1-git-send-email-sven@narfation.org>
The data used in strcpy is partially provided by the user. This can be larger
than the destination buffer and thus overwrite data after the actual string
buffer. This can easily be avoided by using strncpy.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
---
debugfs.c | 4 +++-
ioctl.c | 3 ++-
2 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/debugfs.c b/debugfs.c
index 8dd78b1..7bac044 100644
--- a/debugfs.c
+++ b/debugfs.c
@@ -74,7 +74,9 @@ const char *debugfs_find_mountpoint(void)
while (*ptr) {
if (debugfs_valid_mountpoint(*ptr) == 0) {
debugfs_found = 1;
- strcpy(debugfs_mountpoint, *ptr);
+ strncpy(debugfs_mountpoint, *ptr,
+ sizeof(debugfs_mountpoint));
+ debugfs_mountpoint[sizeof(debugfs_mountpoint) - 1] = 0;
return debugfs_mountpoint;
}
ptr++;
diff --git a/ioctl.c b/ioctl.c
index 1f827e8..d3d182f 100644
--- a/ioctl.c
+++ b/ioctl.c
@@ -105,7 +105,8 @@ int ioctl_statistics_get(char *mesh_iface)
int fd = -1, ret = EXIT_FAILURE;
memset(&ifr, 0, sizeof(ifr));
- strcpy(ifr.ifr_name, mesh_iface);
+ strncpy(ifr.ifr_name, mesh_iface, sizeof(ifr.ifr_name));
+ ifr.ifr_name[sizeof(ifr.ifr_name) - 1] = '\0';
fd = socket(AF_INET, SOCK_DGRAM, 0);
if (fd < 0) {
--
2.0.0.rc2
next prev parent reply other threads:[~2014-05-24 12:16 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-05-24 12:16 [B.A.T.M.A.N.] [PATCH 1/6] batctl: Don't try to close negative file descriptors Sven Eckelmann
2014-05-24 12:16 ` [B.A.T.M.A.N.] [PATCH 2/6] batctl: Force null termination of string after strncpy Sven Eckelmann
2014-06-10 14:41 ` Marek Lindner
2014-05-24 12:16 ` Sven Eckelmann [this message]
2014-06-10 14:49 ` [B.A.T.M.A.N.] [PATCH 3/6] batctl: Use strncpy instead of strcpy for string copy Marek Lindner
2014-05-24 12:16 ` [B.A.T.M.A.N.] [PATCH 4/6] batctl: Return success only with valid line_ptr in read_file Sven Eckelmann
2014-06-10 14:53 ` Marek Lindner
2014-05-24 12:16 ` [B.A.T.M.A.N.] [PATCH 5/6] batctl: Initialize complete ping packet before write Sven Eckelmann
2014-06-10 14:58 ` Marek Lindner
2014-05-24 12:16 ` [B.A.T.M.A.N.] [PATCH 6/6] batctl: Don't provide uninitialized parameter to read_file Sven Eckelmann
2014-06-10 14:59 ` Marek Lindner
2014-06-10 14:31 ` [B.A.T.M.A.N.] [PATCH 1/6] batctl: Don't try to close negative file descriptors Marek Lindner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1400933804-9661-3-git-send-email-sven@narfation.org \
--to=sven@narfation.org \
--cc=b.a.t.m.a.n@lists.open-mesh.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.