[PATCH] selftests/powerpc: Fix strncpy usage

Breno Leitao leitao at debian.org
Tue Jun 26 07:21:24 AEST 2018


hi Segher,

On 06/22/2018 10:10 PM, Segher Boessenkool wrote:
>> -       strncpy(prog, argv[0], strlen(argv[0]));
>> +       if (strlen(argv[0]) >= LEN_MAX){
>> +               fprintf(stderr, "Very big executable name: %s\n", argv[0]);
>> +               return 1;
>> +       }
>> +
>> +       strncpy(prog, argv[0], sizeof(prog) - 1);
> 
> The strlen reads all of argv[0], which can be very big in theory.  It won't
> matter in this test file -- program arguments cannot be super long, for one
> thing -- but it's not a good idea in general (that is one of the problems
> of strlcpy, btw).
> 
> Best of course is to avoid string length restrictions completely, if you can.

Right, I was thinking about this problem and there is no motivation to have a
statically allocated and limited region.

I will send a v2 where 'prog' and avoid this restriction completely.

Thanks


More information about the Linuxppc-dev mailing list