[prev in list] [next in list] [prev in thread] [next in thread] 

List:       fwts-devel
Subject:    Re: ACK: [PATCH] acpi: syntaxcheck: strcpy should be replaced with strncpy (LP: #1205215)
From:       Keng-Yu Lin <kengyu () canonical ! com>
Date:       2013-07-29 9:03:00
Message-ID: CADXHx7bdG9xAC+bshQM=xgOCGz8OOJbZMOHDb=Mh+Q1fmexQvA () mail ! gmail ! com
[Download RAW message or body]

On Mon, Jul 29, 2013 at 4:13 PM, Alex Hung <alex.hung@canonical.com> wrote:
> On 07/26/2013 05:38 PM, Colin King wrote:
>>
>> From: Colin Ian King <colin.king@canonical.com>
>>
>> Coverity Scan complaining about a strcpy(). Although the buffer is
>> currently
>> bug enough, it may not be in the future, so use strncpy() to avoid buffer
>> overflow.
>>
>> CID null (#1 of 1): Copy into fixed size buffer (STRING_OVERFLOW)2.
>>
>> Signed-off-by: Colin Ian King <colin.king@canonical.com>
>> ---
>>   src/acpi/syntaxcheck/syntaxcheck.c | 3 ++-
>>   1 file changed, 2 insertions(+), 1 deletion(-)
>>
>> diff --git a/src/acpi/syntaxcheck/syntaxcheck.c
>> b/src/acpi/syntaxcheck/syntaxcheck.c
>> index 4b00480..55bcc7e 100644
>> --- a/src/acpi/syntaxcheck/syntaxcheck.c
>> +++ b/src/acpi/syntaxcheck/syntaxcheck.c
>> @@ -269,7 +269,8 @@ static const char *syntaxcheck_error_level(uint32_t
>> error_code)
>>                 return "Unknown";
>>
>>         /* AslErrorLevel strings are end-space padded, so strip off end
>> spaces if any */
>> -       strcpy(buf, AslErrorLevel[error_level]);
>> +       strncpy(buf, AslErrorLevel[error_level], sizeof(buf));
>> +       buf[sizeof(buf) -1] = '\0';
>>         ptr = strchr(buf, ' ');
>>         if (ptr)
>>                 *ptr = '\0';
>>
> Acked-by: Alex Hung <alex.hung@canonical.com>
>
> --
> Cheers,
> Alex Hung
>

Acked-by: Keng-Yu Lin <kengyu@canonical.com>


[prev in list] [next in list] [prev in thread] [next in thread]