[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: cpio - covscan issues
From: |
Kamil Dudka |
Subject: |
Re: cpio - covscan issues |
Date: |
Thu, 08 Apr 2021 12:02:10 +0200 |
On Thursday, April 8, 2021 9:47:05 AM CEST Ondrej Dubaj wrote:
> Hello,
>
> proposing patch for some of the issues found by coverity scan in cpio-2.13
>
> Patch:
>
> diff --git a/src/tar.c b/src/tar.c
> index 99ef8a2..a5873e7 100644
> --- a/src/tar.c
> +++ b/src/tar.c
> @@ -146,6 +146,7 @@ write_out_tar_header (struct cpio_file_stat *file_hdr,
> int out_des)
> name_len = strlen (file_hdr->c_name);
> if (name_len <= TARNAMESIZE)
> {
> + memset(tar_hdr->name, '\0', name_len+1);
> strncpy (tar_hdr->name, file_hdr->c_name, name_len);
> }
> else
This is obviously incorrect because it would write past the tar_hdr->name
array in case (name_len == TARNAMESIZE).
Kamil
Re: cpio - covscan issues, Paul Eggert, 2021/04/08