public inbox for passt-dev@passt.top
 help / color / mirror / code / Atom feed
From: Stefano Brivio <sbrivio@redhat.com>
To: David Gibson <david@gibson.dropbear.id.au>
Cc: passt-dev@passt.top, Matej Hrica <mhrica@redhat.com>
Subject: Re: [PATCH 1/4] conf: Copy up to MAXDNSRCH - 1 bytes, not MAXDNSRCH
Date: Thu, 27 Jun 2024 09:27:01 +0200	[thread overview]
Message-ID: <20240627092653.372a58ea@elisabeth> (raw)
In-Reply-To: <Zny2KHYeBxYePg5K@zatzit>

On Thu, 27 Jun 2024 10:45:28 +1000
David Gibson <david@gibson.dropbear.id.au> wrote:

> On Thu, Jun 27, 2024 at 01:45:33AM +0200, Stefano Brivio wrote:
> > Spotted by Coverity just recently. Not that it really matters as
> > MAXDNSRCH always appears to be defined as 1025, while a full domain
> > name can have up to 253 characters: it would be a bit pointless to
> > have a longer search domain.
> > 
> > Signed-off-by: Stefano Brivio <sbrivio@redhat.com>  
> 
> Hm.  So, IIRC strncpy() won't \0 terminate in the case where it
> truncates.  I guess we'll get away with that here since we expect
> c->dns_search to be filled with \0 before hand.  That's... more
> fragile than ideal, though.

Well, we know we start from a zero-initialised area, that's by design,
it's not that we get away with it. Without that consideration not many
things would work in this function.

Are you suggesting to use snprintf()? It looks a bit pedantic to me but
I'm fine with it. Otherwise, feel free to post a patch fixing it in a
way you feel it's ideal...

> > ---
> >  conf.c | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> > 
> > diff --git a/conf.c b/conf.c
> > index e1f5422..9e47e9a 100644
> > --- a/conf.c
> > +++ b/conf.c
> > @@ -453,7 +453,7 @@ static void get_dns(struct ctx *c)
> >  			while (s - c->dns_search < ARRAY_SIZE(c->dns_search) - 1
> >  			       /* cppcheck-suppress strtokCalled */
> >  			       && (p = strtok(NULL, " \t"))) {
> > -				strncpy(s->n, p, sizeof(c->dns_search[0]));
> > +				strncpy(s->n, p, sizeof(c->dns_search[0]) - 1);
> >  				s++;
> >  				*s->n = 0;
> >  			}  
> 

-- 
Stefano


  reply	other threads:[~2024-06-27  7:27 UTC|newest]

Thread overview: 21+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-06-26 23:45 [PATCH 0/4] Small, assorted "hardening" fixes Stefano Brivio
2024-06-26 23:45 ` [PATCH 1/4] conf: Copy up to MAXDNSRCH - 1 bytes, not MAXDNSRCH Stefano Brivio
2024-06-27  0:45   ` David Gibson
2024-06-27  7:27     ` Stefano Brivio [this message]
2024-06-27 10:11       ` David Gibson
2024-06-26 23:45 ` [PATCH 2/4] tcp_splice: Check return value of setsockopt() for SO_RCVLOWAT Stefano Brivio
2024-06-27  0:46   ` David Gibson
2024-06-26 23:45 ` [PATCH 3/4] util, lineread, tap: Overflow checks on long signed sums and subtractions Stefano Brivio
2024-06-27  1:13   ` David Gibson
2024-06-27  7:55     ` Stefano Brivio
2024-06-27 20:46       ` Stefano Brivio
2024-06-28  7:15         ` David Gibson
2024-06-28  7:11       ` David Gibson
2024-06-28  7:55         ` Stefano Brivio
2024-06-28 18:30           ` Stefano Brivio
2024-07-08 13:01             ` Stefano Brivio
2024-06-26 23:45 ` [PATCH 4/4] tap: Drop frames from guest whose length is more than remaining buffer Stefano Brivio
2024-06-27  1:30   ` David Gibson
2024-06-27  8:21     ` Stefano Brivio
2024-06-28  7:19       ` David Gibson
2024-06-28  7:56         ` Stefano Brivio

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20240627092653.372a58ea@elisabeth \
    --to=sbrivio@redhat.com \
    --cc=david@gibson.dropbear.id.au \
    --cc=mhrica@redhat.com \
    --cc=passt-dev@passt.top \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
Code repositories for project(s) associated with this public inbox

	https://passt.top/passt

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for IMAP folder(s).