bug-hurd
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 4/4] lwip: Fix a buffer overflow and clear compiler warnings


From: Samuel Thibault
Subject: Re: [PATCH 4/4] lwip: Fix a buffer overflow and clear compiler warnings
Date: Tue, 14 Aug 2018 20:02:22 +0200
User-agent: NeoMutt/20170113 (1.7.2)

Joan Lledó, le mar. 14 août 2018 18:17:28 +0200, a ecrit:
> Missatge de Samuel Thibault <samuel.thibault@gnu.org> del dia dt., 14
> d’ag. 2018 a les 9:34:
> > > -      strncpy (in->dev_name, arg, DEV_NAME_LEN);
> > > +      strncpy (in->dev_name, arg, sizeof(in->dev_name)-1);
> >
> > Mmm, but if arg is longer than the given size and doesn't contain a \0,
> > in->dev_name will not contain one either?
> >
> 
> No, b/c at most sizeof(in->dev_name)-1 bytes from arg will be copied,
> leaving the last byte in in->dev_name unwritten, which always will be
> equal to zero as it's initialized in parse_hook_add_interface().

Right.

Applied, thanks!

Samuel

> > >         strncpy (ifr->ifr_name, netif_get_state (netif)->devname,
> > > -                strlen (netif_get_state (netif)->devname) + 1);
> > > +                sizeof (ifr->ifr_name)-1);
> >
> > Similarly.
> 
> Same here, the last byte is never written and is initialized to \0 in
> the previous line.
> 

-- 
Samuel
 SL> Au fait elle est mieux ma signature maintenant ?
 Oui. T'enlève encore les conneries que t'as écrit dedans et c'est bon.
 -+- JB in <http://neuneu.mine.nu> : Le neueuttoyage par le vide -+-



reply via email to

[Prev in Thread] Current Thread [Next in Thread]