]> git.michaelhowe.org Git - packages/o/openafs.git/commitdiff
projects / packages / o / openafs.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b5ebfec)
cmd: Use strl* rather than strn* to avoid overrun
authorSimon Wilkinson <sxw@your-file-system.com>
Sat, 31 Mar 2012 10:58:01 +0000 (06:58 -0400)
committerDerrick Brashear <shadow@dementix.org>
Mon, 9 Apr 2012 01:18:48 +0000 (18:18 -0700)
The NName function was using strncat(a, b, sizeof(a)), which doesn't
work as you would expect if 'a' already contains data. To avoid the
potential buffer overflow, switch to just using strlcat.

Caught by clang-analyzer

Change-Id: Idd2c630c07a93b27e8d629339589aa6686290eae
Reviewed-on: http://gerrit.openafs.org/7092
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
src/cmd/cmd.c patch | blob | history

diff --git a/src/cmd/cmd.c b/src/cmd/cmd.c
index 90fa470d4cdefef255d7e262122934eb666374f8..f5282a377830e24504742f212df6295aa78843fc 100644 (file)
--- a/src/cmd/cmd.c
+++ b/src/cmd/cmd.c
@@ -42,9 +42,8 @@ NName(char *a1, char *a2)
     if (strlen(a1) == 0) {
         return "";
     } else {
-        strncpy(tbuffer, a1, sizeof(tbuffer));
-        strncat(tbuffer, a2, sizeof(tbuffer));
-        tbuffer[sizeof(tbuffer)-1]='\0';
+        strlcpy(tbuffer, a1, sizeof(tbuffer));
+        strlcat(tbuffer, a2, sizeof(tbuffer));
         return tbuffer;
     }
 }