[SLOF] [PATCH] net: use FILENAME_MAX for arrays storing file name

Nikunj A Dadhania nikunj at linux.vnet.ibm.com
Tue Aug 1 19:08:57 AEST 2017 

Magic numbers were used at multiple places in the network code for size for
maximum file name. Use FILENAME_MAX uniformly.

Static analysis tool was reporting issues with using strcpy and suggesting to
be replaced with strncpy.

Signed-off-by: Nikunj A Dadhania <nikunj at linux.vnet.ibm.com>
---
 lib/libnet/bootp.c |  4 ++--
 lib/libnet/dhcp.c  | 16 +++++++---------
 lib/libnet/dhcp.h  |  2 +-
 lib/libnet/dns.c   |  7 ++++---
 lib/libnet/tftp.c  |  8 ++++----
 lib/libnet/tftp.h  |  4 +++-
 6 files changed, 21 insertions(+), 20 deletions(-)

diff --git a/lib/libnet/bootp.c b/lib/libnet/bootp.c
index 6d58cef..9609da2 100644
--- a/lib/libnet/bootp.c
+++ b/lib/libnet/bootp.c
@@ -74,7 +74,7 @@ send_bootp(filename_ip_t * fn_ip)
 	btph->op = 1;
 	btph->htype = 1;
 	btph->hlen = 6;
-	strcpy((char *) btph->file, "bla");
+	strncpy((char *) btph->file, "bla", FILENAME_MAX);
 	memcpy(btph->chaddr, get_mac_address(), 6);
 
 #if DEBUG
@@ -166,7 +166,7 @@ receive_bootp(filename_ip_t * fn_ip)
 
 		fn_ip->own_ip = btph->yiaddr;
 		fn_ip->server_ip = btph->siaddr;
-		strcpy((char *) fn_ip->filename, (char *) btph->file);
+		strncpy((char *) fn_ip->filename, (char *) btph->file, FILENAME_MAX);
 
 #if DEBUG
 		printf("\nThese are the details of the bootp reply:\n");
diff --git a/lib/libnet/dhcp.c b/lib/libnet/dhcp.c
index 0cb4fa4..4cd9aa9 100644
--- a/lib/libnet/dhcp.c
+++ b/lib/libnet/dhcp.c
@@ -164,8 +164,8 @@ static uint8_t  ether_packet[ETH_MTU_SIZE];
 static uint32_t dhcp_own_ip        = 0;
 static uint32_t dhcp_server_ip     = 0;
 static uint32_t dhcp_siaddr_ip     = 0;
-static char   dhcp_filename[256];
-static char   dhcp_tftp_name[256];
+static char   dhcp_filename[FILENAME_MAX];
+static char   dhcp_tftp_name[FILENAME_MAX];
 static uint32_t dhcp_xid;
 
 static char   * response_buffer;
@@ -197,7 +197,7 @@ int32_t dhcpv4(char *ret_buffer, filename_ip_t *fn_ip)
 		dhcp_siaddr_ip = fn_ip->server_ip;
 	}
 	if(fn_ip->filename[0] != 0) {
-		strcpy(dhcp_filename, (char *) fn_ip->filename);
+		strncpy(dhcp_filename, (char *) fn_ip->filename, FILENAME_MAX);
 	}
 
 	// TFTP SERVER
@@ -230,7 +230,7 @@ int32_t dhcpv4(char *ret_buffer, filename_ip_t *fn_ip)
 	// Store configuration info into filename_ip strucutre
 	fn_ip -> own_ip = dhcp_own_ip;
 	fn_ip -> server_ip = dhcp_tftp_ip;
-	strcpy((char *) fn_ip -> filename, dhcp_filename);
+	strncpy((char *) fn_ip -> filename, dhcp_filename, FILENAME_MAX);
 
 	return 0;
 }
@@ -883,7 +883,7 @@ int8_t handle_dhcp(int fd, uint8_t * packet, int32_t packetsize)
 				dhcp_server_ip = opt.server_ID;
 				dhcp_siaddr_ip = htonl(btph -> siaddr);
 				if (opt.flag[DHCP_TFTP_SERVER]) {
-					strcpy((char *) dhcp_tftp_name, (char *) opt.tftp_server);
+					strncpy((char *) dhcp_tftp_name, (char *) opt.tftp_server, FILENAME_MAX);
 				}
 				else {
 					strcpy((char *) dhcp_tftp_name, "");
@@ -898,16 +898,14 @@ int8_t handle_dhcp(int fd, uint8_t * packet, int32_t packetsize)
 				}
 
 				if (opt.flag[DHCP_BOOTFILE]) {
-					strcpy((char *) dhcp_filename, (char *) opt.bootfile);
+					strncpy((char *) dhcp_filename, (char *) opt.bootfile, FILENAME_MAX);
 				}
 				else {
 					strcpy((char *) dhcp_filename, "");
 					if (opt.overload != DHCP_OVERLOAD_FILE &&
 						opt.overload != DHCP_OVERLOAD_BOTH &&
 						strlen((char *) btph -> file)) {
-						strncpy((char *) dhcp_filename,
-						        (char *) btph->file,
-						        sizeof(btph->file));
+						strncpy((char *) dhcp_filename, (char *) btph->file, FILENAME_MAX);
 						dhcp_filename[sizeof(btph -> file)] = 0;
 					}
 				}
diff --git a/lib/libnet/dhcp.h b/lib/libnet/dhcp.h
index 4432c9b..760093e 100644
--- a/lib/libnet/dhcp.h
+++ b/lib/libnet/dhcp.h
@@ -34,7 +34,7 @@ struct btphdr {
 	uint32_t giaddr;     /**< Gateway IP address (used by relay agents)    */
 	uint8_t chaddr[16];  /**< Client HW address                            */
 	uint8_t sname[64];   /**< Server host name (TFTP server name)          */
-	uint8_t file[128];   /**< Boot file name                               */
+	uint8_t file[FILENAME_MAX];   /**< Boot file name                               */
 	uint8_t vend[64];    /**< Optional parameters field (DHCP-options)     */
 };
 
diff --git a/lib/libnet/dns.c b/lib/libnet/dns.c
index a7313a9..d3c2e69 100644
--- a/lib/libnet/dns.c
+++ b/lib/libnet/dns.c
@@ -22,6 +22,7 @@
 #include <ipv4.h>
 #include <ipv6.h>
 #include <udp.h>
+#include <tftp.h>
 
 #define DNS_FLAG_MSGTYPE    0xF800	/**< Message type mask (opcode) */
 #define DNS_FLAG_SQUERY     0x0000 	/**< Standard query type        */
@@ -88,8 +89,8 @@ static uint8_t dns_server_ipv6[16] = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
 static int32_t dns_result_ip       = 0;
 static uint8_t dns_result_ipv6[16] = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
 static int8_t  dns_error           = 0;        /**< Stores error code or 0 */
-static int8_t  dns_domain_name[0x100];       /**< Raw domain name        */
-static int8_t  dns_domain_cname[0x100];      /**< Canonical domain name  */
+static int8_t  dns_domain_name[FILENAME_MAX];  /**< Raw domain name        */
+static int8_t  dns_domain_cname[FILENAME_MAX]; /**< Canonical domain name  */
 
 /**************************** IMPLEMENTATION *****************************/
 
@@ -363,7 +364,7 @@ fill_dnshdr(uint8_t * packet, int8_t * domain_name, uint8_t ip_version)
 	dnsh -> flags = htons(DNS_FLAG_SQUERY) | htons(DNS_FLAG_RD);
 	dnsh -> qdcount = htons(1);
 
-	strcpy((char *) qry_section, (char *) domain_name);
+	strncpy((char *) qry_section, (char *) domain_name, FILENAME_MAX);
 	qry_section += strlen((char *) domain_name) + 1;
 
 	// fill QTYPE (ask for IP)
diff --git a/lib/libnet/tftp.c b/lib/libnet/tftp.c
index cda8bf3..972e28a 100644
--- a/lib/libnet/tftp.c
+++ b/lib/libnet/tftp.c
@@ -613,7 +613,7 @@ int parse_tftp_args(char buffer[], char *server_ip, char filename[], int fd,
 	char *raw;
 	char *tmp, *tmp1;
 	int i, j = 0;
-	char domainname[256];
+	char domainname[FILENAME_MAX];
 	uint8_t server_ip6[16];
 
 	raw = malloc(len);
@@ -654,7 +654,7 @@ int parse_tftp_args(char buffer[], char *server_ip, char filename[], int fd,
 		}
 		else {
 			/* found filename */
-			strcpy(filename, tmp1 + 1);
+			strncpy(filename, tmp1 + 1, FILENAME_MAX);
 			free(raw);
 			return 0;
 		}
@@ -685,14 +685,14 @@ int parse_tftp_args(char buffer[], char *server_ip, char filename[], int fd,
 		j = tmp1 - (raw + 7);
 		tmp = raw + 7;
 		tmp[j] = '\0';
-		strcpy(domainname, tmp);
+		strncpy(domainname, tmp, FILENAME_MAX);
 		if (dns_get_ip(fd, domainname, server_ip6, 6) == 0) {
 			printf("\n DNS failed for IPV6\n");
 			return -1;
 		}
 		ipv6_to_str(server_ip6, server_ip);
 
-		strcpy(filename, tmp1 + 1);
+		strncpy(filename, tmp1 + 1, FILENAME_MAX);
 		free(raw);
 		return 0;
 	}
diff --git a/lib/libnet/tftp.h b/lib/libnet/tftp.h
index b1dbc21..b27a264 100644
--- a/lib/libnet/tftp.h
+++ b/lib/libnet/tftp.h
@@ -17,6 +17,8 @@
 #include <stdint.h>
 #include "ipv6.h"
 
+#define FILENAME_MAX 256
+
 struct tftphdr {
 	int16_t th_opcode;
 	uint16_t th_data;
@@ -28,7 +30,7 @@ struct filename_ip {
 	uint32_t server_ip;
 	ip6_addr_t server_ip6;
 	ip6_addr_t dns_ip6;
-	int8_t filename[256];
+	int8_t filename[FILENAME_MAX];
 	int    fd;
 } __attribute__ ((packed));
 typedef struct filename_ip filename_ip_t;
-- 
2.9.3

More information about the SLOF mailing list