Hi,
On 28/03/2023 17:12, Frank Lichtenheld wrote:
Since we use strlen() to determine the length
and then check it ourselves, there is really
no point in using strncpy.
But the compiler might complain that we use
the output of strlen() for the length of
strncpy which is usually a sign for bugs:
error: ‘strncpy’ specified bound depends
on the length of the source argument
[-Werror=stringop-overflow=]
Warning was at least triggered for
mingw-gcc version 10-win32 20220113.
Signed-off-by: Frank Lichtenheld <fr...@lichtenheld.com>
---
src/openvpn/buffer.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/openvpn/buffer.c b/src/openvpn/buffer.c
index d099795b..de40d690 100644
--- a/src/openvpn/buffer.c
+++ b/src/openvpn/buffer.c
@@ -317,9 +317,9 @@ buf_catrunc(struct buffer *buf, const char *str)
if (buf_forward_capacity(buf) <= 1)
{
int len = (int) strlen(str) + 1;
- if (len < buf_forward_capacity_total(buf))
+ if ((len > 0) && (len < buf_forward_capacity_total(buf)))
len cannot be negative, but I guess you want to check that it is
actually not 0. Just a style thing I guess?
(Because memcpy can happily deal with len=0.)
{
- strncpynt((char *)(buf->data + buf->capacity - len), str, len);
+ memcpy((void *)(buf->data + buf->capacity - len), (void *)str,
(size_t)len);
I'd throw away the casts to 'void *'.
They are not really needed as you can assign everything to 'void *'.
Cheers,
}
}
}
--
Antonio Quartulli
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
