qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed
* [PATCH-for-7.2 v2] libvduse: Avoid warning about dangerous use of strncpy()
@ 2022-11-11 12:45 Philippe Mathieu-Daudé
  2022-11-11 15:00 ` Bin Meng
                   ` (3 more replies)
  0 siblings, 4 replies; 5+ messages in thread
From: Philippe Mathieu-Daudé @ 2022-11-11 12:45 UTC (permalink / raw)
  To: qemu-devel
  Cc: Xie Yongji, Stefan Hajnoczi, Bin Meng,
	Philippe Mathieu-Daudé,
	Markus Armbruster, Philippe Mathieu-Daudé,
	Kevin Wolf

From: Philippe Mathieu-Daudé <f4bug@amsat.org>

GCC 8 added a -Wstringop-truncation warning:

  The -Wstringop-truncation warning added in GCC 8.0 via r254630 for
  bug 81117 is specifically intended to highlight likely unintended
  uses of the strncpy function that truncate the terminating NUL
  character from the source string.

Here the next line indeed unconditionally zeroes the last byte, but
1/ the buffer has been calloc'd, so we don't need to add an extra
byte, and 2/ we called vduse_name_is_invalid() which checked the
string length, so we can simply call strcpy().

This fixes when using gcc (Ubuntu 9.4.0-1ubuntu1~20.04.1) 9.4.0:

  [42/666] Compiling C object subprojects/libvduse/libvduse.a.p/libvduse.c.o
  FAILED: subprojects/libvduse/libvduse.a.p/libvduse.c.o
  cc -m64 -mcx16 -Isubprojects/libvduse/libvduse.a.p -Isubprojects/libvduse -I../../subprojects/libvduse [...] -o subprojects/libvduse/libvduse.a.p/libvduse.c.o -c ../../subprojects/libvduse/libvduse.c
  In file included from /usr/include/string.h:495,
                   from ../../subprojects/libvduse/libvduse.c:24:
  In function ‘strncpy’,
      inlined from ‘vduse_dev_create’ at ../../subprojects/libvduse/libvduse.c:1312:5:
  /usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ specified bound 256 equals destination size [-Werror=stringop-truncation]
    106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
        |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  cc1: all warnings being treated as errors
  ninja: build stopped: cannot make progress due to previous errors.

Fixes: d9cf16c0be ("libvduse: Replace strcpy() with strncpy()")
Suggested-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Supersedes: <20220919192306.52729-1-f4bug@amsat.org>
Cc: Xie Yongji <xieyongji@bytedance.com>
Cc: Kevin Wolf <kwolf@redhat.com>
 subprojects/libvduse/libvduse.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/subprojects/libvduse/libvduse.c b/subprojects/libvduse/libvduse.c
index 1a5981445c..e089d4d546 100644
--- a/subprojects/libvduse/libvduse.c
+++ b/subprojects/libvduse/libvduse.c
@@ -1309,8 +1309,8 @@ VduseDev *vduse_dev_create(const char *name, uint32_t device_id,
         goto err_dev;
-    strncpy(dev_config->name, name, VDUSE_NAME_MAX);
-    dev_config->name[VDUSE_NAME_MAX - 1] = '\0';
+    assert(!vduse_name_is_invalid(name));
+    strcpy(dev_config->name, name);
     dev_config->device_id = device_id;
     dev_config->vendor_id = vendor_id;
     dev_config->features = features;

^ permalink raw reply related	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2022-11-13 11:32 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-11-11 12:45 [PATCH-for-7.2 v2] libvduse: Avoid warning about dangerous use of strncpy() Philippe Mathieu-Daudé
2022-11-11 15:00 ` Bin Meng
2022-11-11 16:50 ` Stefan Hajnoczi
2022-11-12  7:53 ` Yongji Xie
2022-11-13 11:31 ` Stefan Hajnoczi

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).