Re: [PATCH 2/2] hw/rdma: avoid suspicious strncpy() use

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 2/2] hw/rdma: avoid suspicious strncpy() use

From:	Marcel Apfelbaum
Subject:	Re: [PATCH 2/2] hw/rdma: avoid suspicious strncpy() use
Date:	Sat, 21 Mar 2020 19:25:31 +0200
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.3.1

Hi Stefan,

On 3/20/20 1:55 PM, Yuval Shaia wrote:

On Mon, 16 Mar 2020 at 18:07, Stefan Hajnoczi <address@hidden<mailto:address@hidden>> wrote:


    gcc (GCC) 9.2.1 20190827 (Red Hat 9.2.1-1) with sanitizers enabled
    reports the following error:

      CC      x86_64-softmmu/hw/rdma/vmw/pvrdma_dev_ring.o
    In file included from /usr/include/string.h:495,
                     from include/qemu/osdep.h:101,
                     from hw/rdma/vmw/pvrdma_dev_ring.c:16:
    In function ‘strncpy’,
        inlined from ‘pvrdma_ring_init’ at
    hw/rdma/vmw/pvrdma_dev_ring.c:33:5:
    /usr/include/bits/string_fortified.h:106:10: error:
    ‘__builtin_strncpy’ specified bound 32 equals destination size
    [-Werror=stringop-truncation]
      106 |   return __builtin___strncpy_chk (__dest, __src, __len,
    __bos (__dest));
          | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Use pstrcpy() instead of strncpy().  It is guaranteed to NUL-terminate
    strings.

    Signed-off-by: Stefan Hajnoczi <address@hidden
    <mailto:address@hidden>>
    ---
     hw/rdma/vmw/pvrdma_dev_ring.c | 4 ++--
     1 file changed, 2 insertions(+), 2 deletions(-)

    diff --git a/hw/rdma/vmw/pvrdma_dev_ring.c
    b/hw/rdma/vmw/pvrdma_dev_ring.c
    index d7bc7f5ccc..74b8fa834c 100644
    --- a/hw/rdma/vmw/pvrdma_dev_ring.c
    +++ b/hw/rdma/vmw/pvrdma_dev_ring.c
    @@ -14,6 +14,7 @@
      */

     #include "qemu/osdep.h"
    +#include "qemu/cutils.h"
     #include "hw/pci/pci.h"
     #include "cpu.h"

    @@ -30,8 +31,7 @@ int pvrdma_ring_init(PvrdmaRing *ring, const
    char *name, PCIDevice *dev,
         int i;
         int rc = 0;

    -    strncpy(ring->name, name, MAX_RING_NAME_SZ);
    -    ring->name[MAX_RING_NAME_SZ - 1] = 0;
    +    pstrcpy(ring->name, MAX_RING_NAME_SZ, name);
         ring->dev = dev;
         ring->ring_state = ring_state;
         ring->max_elems = max_elems;

--2.24.1



Thanks,

Reviewed-by: Yuval Shaia <yuval.shaia.ml.gmail.com<http://yuval.shaia.ml.gmail.com>>


I'll add this patch to the pvrdma queue.

Thanks,
Marcel

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [PATCH 1/2] migration: avoid suspicious strncpy() use, (continued)
- [PATCH 2/2] hw/rdma: avoid suspicious strncpy() use, Stefan Hajnoczi, 2020/03/16
  - Re: [PATCH 2/2] hw/rdma: avoid suspicious strncpy() use, Juan Quintela, 2020/03/16
  - Re: [PATCH 2/2] hw/rdma: avoid suspicious strncpy() use, Yuval Shaia, 2020/03/20
    - Re: [PATCH 2/2] hw/rdma: avoid suspicious strncpy() use, Marcel Apfelbaum <=

Prev by Date: Re: [PULL 21/36] hw/arm/allwinner-h3: add Boot ROM support
Next by Date: In tree configure errors since 6116aea9
Previous by thread: Re: [PATCH 2/2] hw/rdma: avoid suspicious strncpy() use
Next by thread: [PULL 00/38] Linux user for 5.0 patches
Index(es):
- Date
- Thread