[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PULL 3/7] libvduse: Replace strcpy() with strncpy()
From: |
Kevin Wolf |
Subject: |
[PULL 3/7] libvduse: Replace strcpy() with strncpy() |
Date: |
Tue, 2 Aug 2022 15:37:53 +0200 |
From: Xie Yongji <xieyongji@bytedance.com>
Coverity reported a string overflow issue since we copied
"name" to "dev_config->name" without checking the length.
This should be a false positive since we already checked
the length of "name" in vduse_name_is_invalid(). But anyway,
let's replace strcpy() with strncpy() (as a general library,
we'd like to minimize dependencies on other libraries, so we
didn't use g_strlcpy() here) to fix the coverity complaint.
Fixes: Coverity CID 1490224
Signed-off-by: Xie Yongji <xieyongji@bytedance.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20220706095624.328-3-xieyongji@bytedance.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
subprojects/libvduse/libvduse.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/subprojects/libvduse/libvduse.c b/subprojects/libvduse/libvduse.c
index 6374933881..1e36227388 100644
--- a/subprojects/libvduse/libvduse.c
+++ b/subprojects/libvduse/libvduse.c
@@ -1309,7 +1309,8 @@ VduseDev *vduse_dev_create(const char *name, uint32_t
device_id,
goto err_dev;
}
- strcpy(dev_config->name, name);
+ strncpy(dev_config->name, name, VDUSE_NAME_MAX);
+ dev_config->name[VDUSE_NAME_MAX - 1] = '\0';
dev_config->device_id = device_id;
dev_config->vendor_id = vendor_id;
dev_config->features = features;
--
2.35.3
- [PULL 0/7] Block layer patches, Kevin Wolf, 2022/08/02
- [PULL 4/7] libvduse: Pass positive value to strerror(), Kevin Wolf, 2022/08/02
- [PULL 2/7] libvduse: Fix the incorrect function name, Kevin Wolf, 2022/08/02
- [PULL 1/7] block/io_uring: add missing include file, Kevin Wolf, 2022/08/02
- [PULL 3/7] libvduse: Replace strcpy() with strncpy(),
Kevin Wolf <=
- [PULL 6/7] qemu-iotests: Discard stderr when probing devices, Kevin Wolf, 2022/08/02
- [PULL 7/7] main loop: add missing documentation links to GS/IO macros, Kevin Wolf, 2022/08/02
- [PULL 5/7] hw/block/hd-geometry: Do not override specified bios-chs-trans, Kevin Wolf, 2022/08/02
- Re: [PULL 0/7] Block layer patches, Richard Henderson, 2022/08/02