Re: [Qemu-devel] [PATCH 03/22] vmdk: relative_path: avoid buffer overrun

[Kevin Wolf]

Am 09.05.2012 14:09, schrieb Jim Meyering:
> Kevin Wolf wrote:
>> Am 09.05.2012 11:23, schrieb Jim Meyering:
>>> From: Jim Meyering <meyer...@redhat.com>
>>>
>>> strncpy does not guarantee NUL-termination.
>>> Setting dest[n-1] = '\0' *before* calling strncpy(dest, src, n-1)
>>> is a no-op.  Use pstrcpy to ensure NUL-termination, not strncpy.
>>
>> It's not, it would only be a no-op before strncpy(dest, src, n). But
>> pstrcpy() is definitely nicer.
>>
>>> Signed-off-by: Jim Meyering <meyer...@redhat.com>
>>> ---
>>>  block/vmdk.c | 3 +--
>>>  1 file changed, 1 insertion(+), 2 deletions(-)
>>>
>>> diff --git a/block/vmdk.c b/block/vmdk.c
>>> index 18e9b4c..045e279 100644
>>> --- a/block/vmdk.c
>>> +++ b/block/vmdk.c
>>> @@ -1319,8 +1319,7 @@ static int relative_path(char *dest, int dest_size,
>>>          return -1;
>>>      }
>>>      if (path_is_absolute(target)) {
>>> -        dest[dest_size - 1] = '\0';
>>> -        strncpy(dest, target, dest_size - 1);
>>> +        pstrcpy(dest, dest_size - 1, target);
>>
>> I think you mean pstrcpy(dest, dest_size, target).
> 
> Good points.  Thanks for the review.
> Here's the corrected commit:
> 
> From 78a367d846c95e84fddc971cbae544f24bc3455f Mon Sep 17 00:00:00 2001
> From: Jim Meyering <meyer...@redhat.com>
> Date: Mon, 7 May 2012 12:46:02 +0200
> Subject: [PATCH] vmdk: relative_path: use pstrcpy in place of strncpy
> 
> Avoid strncpy+manual-NUL-terminate.  Use pstrcpy instead.
> 
> Signed-off-by: Jim Meyering <meyer...@redhat.com>
> ---
>  block/vmdk.c | 3 +--
>  1 file changed, 1 insertion(+), 2 deletions(-)
> 
> diff --git a/block/vmdk.c b/block/vmdk.c
> index 18e9b4c..bfd7357 100644
> --- a/block/vmdk.c
> +++ b/block/vmdk.c
> @@ -1319,8 +1319,7 @@ static int relative_path(char *dest, int dest_size,
>          return -1;
>      }
>      if (path_is_absolute(target)) {
> -        dest[dest_size - 1] = '\0';
> -        strncpy(dest, target, dest_size - 1);
> +        pstrcpy(dest, dest_size, target);
>          return 0;
>      }
>      while (base[i] == target[i]) {
> --
> 1.7.10.1.487.ga3935e6

Acked-by: Kevin Wolf <kw...@redhat.com>