discover/network: Null terminate ifname buffer explicitly
authorSamuel Mendoza-Jonas <sam@mendozajonas.com>
Wed, 30 May 2018 05:37:05 +0000 (15:37 +1000)
committerSamuel Mendoza-Jonas <sam@mendozajonas.com>
Tue, 12 Jun 2018 03:03:59 +0000 (13:03 +1000)
GCC 8 produces the following warning for network.c:

In function ‘network_handle_nlmsg’,
    inlined from ‘network_netlink_process’ at ../discover/network.c:726:3:
../discover/network.c:568:3: warning: ‘strncpy’ output may be truncated copying 15 bytes from a string of length 16 [-Wstringop-truncation]
   strncpy(interface->name, ifname, sizeof(interface->name) - 1);
   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../discover/network.c:586:3: warning: ‘strncpy’ output may be truncated copying 15 bytes from a string of length 16 [-Wstringop-truncation]
   strncpy(interface->name, ifname, sizeof(interface->name) - 1);
   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The code is safe since interface is allocated with talloc_zero(), and we
could use -Wno-stringop-truncation to hide this. But since this is the
only offender, instead just copy the whole IFNAMSIZ bytes and explicitly
terminate the ifname buffer to be safe.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
discover/network.c

index e2cae912182265eef225c86b130afc4fffafaea2..9594b2e48c6df4ce553d40007f1986da9945e7de 100644 (file)
@@ -506,7 +506,7 @@ static int network_handle_nlmsg(struct network *network, struct nlmsghdr *nlmsg)
        struct rtattr *attr;
        unsigned int mtu;
        uint8_t ifaddr[6];
-       char ifname[IFNAMSIZ+1];
+       char ifname[IFNAMSIZ];
        int attrlen, type;
 
 
@@ -534,6 +534,7 @@ static int network_handle_nlmsg(struct network *network, struct nlmsghdr *nlmsg)
 
                case IFLA_IFNAME:
                        strncpy(ifname, data, IFNAMSIZ);
+                       ifname[IFNAMSIZ - 1] = '\0';
                        have_ifname = true;
                        break;
 
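Review bot: `strncpy(ifname, data, IFNAMSIZ)` bounds the write but not the read: it scans `data` for up to IFNAMSIZ bytes, so an IFLA_IFNAME attribute with a shorter, unterminated payload would be read past its end. The added `ifname[IFNAMSIZ - 1] = '\0';` only guarantees termination of the destination. Assuming `data` is the payload of `attr` (its assignment is outside the hunk), I would bound the copy by the attribute length as well: `size_t n = RTA_PAYLOAD(attr) < IFNAMSIZ - 1 ? RTA_PAYLOAD(attr) : IFNAMSIZ - 1;` followed by `memcpy(ifname, data, n); ifname[n] = '\0';`. The kernel normally sends a terminated name, so this is hardening rather than a known fault; the switch and the rest of network_handle_nlmsg continue outside the hunk.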
@@ -565,7 +566,7 @@ static int network_handle_nlmsg(struct network *network, struct nlmsghdr *nlmsg)
                interface->ifindex = info->ifi_index;
                interface->state = IFSTATE_NEW;
                memcpy(interface->hwaddr, ifaddr, sizeof(interface->hwaddr));
-               strncpy(interface->name, ifname, sizeof(interface->name) - 1);
+               strncpy(interface->name, ifname, sizeof(interface->name));
 
                list_for_each_entry(&network->interfaces, tmp, list)
                        if (memcmp(interface->hwaddr, tmp->hwaddr,
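Review bot: With the `- 1` dropped, `strncpy(interface->name, ifname, sizeof(interface->name))` no longer leaves a guaranteed zero byte from talloc_zero() at the end of the field; termination now rests on `ifname` having been terminated in the IFLA_IFNAME case and on `sizeof(interface->name)` being at least IFNAMSIZ. The GCC output quoted in the description suggests the field is 16 bytes, so this holds today, but nothing at the call site says so. I would add a comment such as `/* ifname is NUL-terminated within IFNAMSIZ bytes, so name is always terminated */` here and at the identical copy in the rename path (the hunk at -583). If the project builds as C11, `_Static_assert(sizeof(interface->name) >= IFNAMSIZ, "name must hold IFNAMSIZ bytes");` next to the copy would enforce the size half of that invariant. The enclosing function starts and ends outside the hunk.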
@@ -583,7 +584,7 @@ static int network_handle_nlmsg(struct network *network, struct nlmsghdr *nlmsg)
        /* A repeated RTM_NEWLINK can represent an interface name change */
        if (strncmp(interface->name, ifname, IFNAMSIZ)) {
                pb_debug("ifname update: %s -> %s\n", interface->name, ifname);
-               strncpy(interface->name, ifname, sizeof(interface->name) - 1);
+               strncpy(interface->name, ifname, sizeof(interface->name));
                talloc_free(interface->dev->device->id);
                interface->dev->device->id =
                        talloc_strdup(interface->dev->device, ifname);