subject:"\[PATCH 2\/4\] libvduse\: Replace strcpy\(\) with strncpy\(\)"

Re: [PATCH 2/4] libvduse: Replace strcpy() with strncpy()

2022-06-29 Thread Markus Armbruster

Xie Yongji writes: > Coverity reported a string overflow issue since we copied > "name" to "dev_config->name" without checking the length. > This should be a false positive since we already checked > the length of "name" in vduse_name_is_invalid(). But anyway, > let's replace strcpy() with strncp

Re: [PATCH 2/4] libvduse: Replace strcpy() with strncpy()

2022-06-27 Thread Yongji Xie

On Tue, Jun 28, 2022 at 8:26 AM Richard Henderson wrote: > > On 6/27/22 14:32, Xie Yongji wrote: > > -strcpy(dev_config->name, name); > > +strncpy(dev_config->name, name, VDUSE_NAME_MAX); > > +dev_config->name[VDUSE_NAME_MAX - 1] = '\0'; > > g_strlcpy > Now we don't have a dependency

Re: [PATCH 2/4] libvduse: Replace strcpy() with strncpy()

2022-06-27 Thread Richard Henderson

On 6/27/22 14:32, Xie Yongji wrote: -strcpy(dev_config->name, name); +strncpy(dev_config->name, name, VDUSE_NAME_MAX); +dev_config->name[VDUSE_NAME_MAX - 1] = '\0'; g_strlcpy r~

[PATCH 2/4] libvduse: Replace strcpy() with strncpy()

2022-06-27 Thread Xie Yongji

Coverity reported a string overflow issue since we copied "name" to "dev_config->name" without checking the length. This should be a false positive since we already checked the length of "name" in vduse_name_is_invalid(). But anyway, let's replace strcpy() with strncpy() to fix the coverity complai