[Skiboot] [PATCH] libffs: Fix string truncation gcc warning.
Oliver
oohall at gmail.com
Wed Feb 20 15:10:42 AEDT 2019
On Wed, Feb 20, 2019 at 2:11 PM Stewart Smith <stewart at linux.ibm.com> wrote:
>
> From: Michal Suchanek <msuchanek at suse.de>
>
> Allow one more byte copied. The allocated space has extra byte anyway.
>
> Signed-off-by: Michal Suchanek <msuchanek at suse.de>
> ---
> libflash/libffs.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/libflash/libffs.c b/libflash/libffs.c
> index 221c2b024c10..4eb0ffa997ac 100644
> --- a/libflash/libffs.c
> +++ b/libflash/libffs.c
> @@ -522,7 +522,7 @@ int ffs_part_info(struct ffs_handle *ffs, uint32_t part_idx,
> n = calloc(1, FFS_PART_NAME_MAX + 1);
> if (!n)
> return FLASH_ERR_MALLOC_FAILED;
> - strncpy(n, ent->name, FFS_PART_NAME_MAX);
> + strncpy(n, ent->name, FFS_PART_NAME_MAX + 1);
Eh... If the partition name uses all 16 bytes of the name (i.e it's
not terminated) then ent->name will be left unterminated with this
change. The comments on ffs_entry are correct the name field is
supposed to be terminated anyway so only copying FFS_PART_NAME_MAX
(15) bytes is better since it doesn't require the FFS input to be well
formed.
> *name = n;
> }
> return 0;
> --
> 2.20.1
>
> _______________________________________________
> Skiboot mailing list
> Skiboot at lists.ozlabs.org
> https://lists.ozlabs.org/listinfo/skiboot
More information about the Skiboot
mailing list