On Mon, Sep 03, 2012 at 05:19:44PM +0200, Otto Moerbeek wrote:
> On Mon, Sep 03, 2012 at 04:37:42PM +0200, rustyBSD wrote:
>
> > /usr/src/sbin/disklabel/disklabel.c
> > lines: 333 & 1092 & 1096
> >
> > Is this me, or these strncpy() may cause off-by-one
> > overflows?
> >
> > In a use like this:
> >
> > strncpy(a, b, sizeof(a));
>
> No, this is not an overflow. But a will potentially not be NUL-terminated.
>
> > the null terminator will be added beyond the end of
> > a if b has the same size (or a larger size).
> >
> > Should use something like:
> >
> > strncpy(a, b, sizeof(a) - 1);
>
> Better use strlcpy(3). The manpages for both strncpy and strlcpy
> explain why.

Ugh, missed the disklabel reference. These fields are not NUL-terminated
strings, so strncpy(3) is ok in this case.

	-Otto
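
The behaviour discussed in this thread, as an added example that is not part of the original messages or of disklabel.c: strncpy(a, b, sizeof(a)) never writes past a, but leaves a without a NUL when b fills it, so a fixed-width field has to be read with a length bound. The struct, the 16-byte width and all function names are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define FIELD_LEN 16            /* assumed field width, for illustration */
/* Constructed stand-in for a record with a fixed-width text field. */
struct record {
    char name[FIELD_LEN];       /* fixed width, may lack a NUL terminator */
    unsigned char guard;        /* canary byte placed right after the field */
};

/* Fill the field as in the thread: strncpy(a, b, sizeof(a)). */
void field_set(struct record *r, const char *src)
{
    r->guard = 0xAA;
    strncpy(r->name, src, sizeof(r->name)); /* writes exactly FIELD_LEN bytes */
}

/* 1 if a NUL occurs inside the field, 0 if the text fills it completely. */
int field_is_terminated(const struct record *r)
{
    return memchr(r->name, '\0', sizeof(r->name)) != NULL;
}

/* Bounded read of the field into a C string; (size_t)-1 if dst is too small. */
size_t field_to_cstr(const struct record *r, char *dst, size_t dstsize)
{
    const char *nul = memchr(r->name, '\0', sizeof(r->name));
    size_t len = nul ? (size_t)(nul - r->name) : sizeof(r->name);
    if (dstsize <= len)
        return (size_t)-1;
    memcpy(dst, r->name, len);
    dst[len] = '\0';
    return len;
}

int main(void)
{
    /* constructed inputs: shorter than, equal to, and longer than the field */
    const char *samples[] = { "short", "0123456789abcdef", "0123456789abcdefXYZ" };
    char out[FIELD_LEN + 1];
    struct record r;
    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        field_set(&r, samples[i]);
        size_t len = field_to_cstr(&r, out, sizeof(out));
        printf("%-20s guard=%s terminated=%d read=\"%s\" (%zu)\n", samples[i],
               r.guard == 0xAA ? "intact" : "CLOBBERED", field_is_terminated(&r), out, len);
    }
    return 0;
}
```

Passing such a field to strlen(), strcpy() or a "%s" format without a precision is where the missing terminator turns into an out-of-bounds read.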