[SLOF] [PATCH] net: use FILENAME_MAX for arrays storing file name
Segher Boessenkool
segher at kernel.crashing.org
Wed Aug 2 23:20:36 AEST 2017
On Wed, Aug 02, 2017 at 04:10:03PM +0530, Nikunj A Dadhania wrote:
> Segher Boessenkool <segher at kernel.crashing.org> writes:
>
> > On Tue, Aug 01, 2017 at 02:38:57PM +0530, Nikunj A Dadhania wrote:
> >> Magic numbers were used at multiple places in the network code for size for
> >> maximum file name. Use FILENAME_MAX uniformly.
> >>
> >> Static analysis tool was reporting issues with using strcpy and suggesting to
> >> be replaced with strncpy.
> >
> > You're not zero-terminating any of these strings,
>
> I assumed that strncpy will do that :(
It doesn't; strncpy is meant for dealing with fixed-length records, not
zero-terminated strings.
> > nor handling overflow in any way.
>
> I dont get what do you mean here, if we limit the max size, would't it
> limit overflow?
It limits it, sure, but that is both a security and a functionality
bug itself. You should return an error some way (and abort might be
good enough in many cases, even); as is you're only replacing one bug
with another. Slightly easier to spot perhaps, memory corruptions
are vile :-)
Segher
More information about the SLOF
mailing list