[prev in list] [next in list] [prev in thread] [next in thread]
List: fwts-devel
Subject: Re: ACK: [PATCH] acpi: syntaxcheck: strcpy should be replaced with strncpy (LP: #1205215)
From: Keng-Yu Lin <kengyu () canonical ! com>
Date: 2013-07-29 9:03:00
Message-ID: CADXHx7bdG9xAC+bshQM=xgOCGz8OOJbZMOHDb=Mh+Q1fmexQvA () mail ! gmail ! com
[Download RAW message or body]
On Mon, Jul 29, 2013 at 4:13 PM, Alex Hung <alex.hung@canonical.com> wrote:
> On 07/26/2013 05:38 PM, Colin King wrote:
>>
>> From: Colin Ian King <colin.king@canonical.com>
>>
>> Coverity Scan complaining about a strcpy(). Although the buffer is
>> currently
>> bug enough, it may not be in the future, so use strncpy() to avoid buffer
>> overflow.
>>
>> CID null (#1 of 1): Copy into fixed size buffer (STRING_OVERFLOW)2.
>>
>> Signed-off-by: Colin Ian King <colin.king@canonical.com>
>> ---
>> src/acpi/syntaxcheck/syntaxcheck.c | 3 ++-
>> 1 file changed, 2 insertions(+), 1 deletion(-)
>>
>> diff --git a/src/acpi/syntaxcheck/syntaxcheck.c
>> b/src/acpi/syntaxcheck/syntaxcheck.c
>> index 4b00480..55bcc7e 100644
>> --- a/src/acpi/syntaxcheck/syntaxcheck.c
>> +++ b/src/acpi/syntaxcheck/syntaxcheck.c
>> @@ -269,7 +269,8 @@ static const char *syntaxcheck_error_level(uint32_t
>> error_code)
>> return "Unknown";
>>
>> /* AslErrorLevel strings are end-space padded, so strip off end
>> spaces if any */
>> - strcpy(buf, AslErrorLevel[error_level]);
>> + strncpy(buf, AslErrorLevel[error_level], sizeof(buf));
>> + buf[sizeof(buf) -1] = '\0';
>> ptr = strchr(buf, ' ');
>> if (ptr)
>> *ptr = '\0';
>>
> Acked-by: Alex Hung <alex.hung@canonical.com>
>
> --
> Cheers,
> Alex Hung
>
Acked-by: Keng-Yu Lin <kengyu@canonical.com>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic