This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [PATCH] avoid buffer overflow in sunrpc clnt_create (BZ #22542)

On 02/07/2018 01:25 PM, Dmitry V. Levin wrote:

If strncpy starts generating a compilation error,  > then the only available choice seems to be memcpy:

Yes, memcpy is typically the way to go here.
len = strlen(av[1]); > assert(len > 0 && len <= sizeof(addr.sun_path)); > > if (++len >
sizeof(addr.sun_path)) > len = sizeof(addr.sun_path); > > memcpy(addr.sun_path, av[1], len); > len += offsetof(struct sockaddr_un, sun_path); > > unlink(av[1]); Yes, that should also work and it'll fix the unlink bug that I mentioned. You might also want to replace the "if" statement with "len += len < sizeof(addr.sun_path);", as that's simpler.
As struct sockaddr_un.sun_path is not necessarily a C string, pretending > that it is a C string would encourage users to replace strncpy with 
> memcpy.
There's nothing wrong with using memcpy for this test. On the contrary, memcpy improves the test by not unnecessarily initializing the part of addr.sun_path that doesn't need initializing. Programs like valgrind can use this information to catch bugs that the strncpy version would mask.
Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]