Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 5 May 2005 23:20:13 -0700
From:      John-Mark Gurney <gurney_j@resnet.uoregon.edu>
To:        "M. Warner Losh" <imp@bsdimp.com>
Cc:        cperciva@freebsd.org
Subject:   Re: cvs commit: src/sys/kern subr_bus.c subr_rman.c vfs_subr.c src/sys/net if_mib.c src/sys/netinet ip_divert.c raw_ip.c udp_usrreq.c
Message-ID:  <20050506062013.GD2670@funkthat.com>
In-Reply-To: <20050505.232214.96921001.imp@bsdimp.com>
References:  <200505060248.j462mL0k009905@repoman.freebsd.org> <20050506032202.GC2670@funkthat.com> <20050505.232214.96921001.imp@bsdimp.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
Warner Losh wrote this message on Thu, May 05, 2005 at 23:22 -0600:
> In message: <20050506032202.GC2670@funkthat.com>
>             John-Mark Gurney <gurney_j@resnet.uoregon.edu> writes:
> : Colin Percival wrote this message on Fri, May 06, 2005 at 02:48 +0000:
> : > cperciva    2005-05-06 02:48:21 UTC
> : > 
> : >   FreeBSD src repository
> : > 
> : >   Modified files:
> : >     sys/kern             subr_bus.c subr_rman.c vfs_subr.c 
> : >     sys/net              if_mib.c 
> : >     sys/netinet          ip_divert.c raw_ip.c udp_usrreq.c 
> : >   Log:
> : >   If we are going to
> : >   1. Copy a NULL-terminated string into a fixed-length buffer, and
> : >   2. copyout that buffer to userland,
> : >   we really ought to
> : >   0. Zero the entire buffer
> : >   first.
> : >   
> : >   Security: FreeBSD-SA-05:08.kmem
> : 
> : /me notes this is a good reason to use strncpy instead of strlcpy.
> 
> Don't you mean the opposite?

Nope, from strncpy(3):
     The strncpy() copies not more than len characters into dst, appending
     `\0' characters if src is less than len characters long,

This is a little bit terse, but strncpy NUL pads the remaining buffer,
unlike strlcpy which leaves any unused bytes untouched...  And yes, our
libkern version of strncpy does do this:
				/* NUL pad the remaining n-1 bytes */
				while (--n != 0)
					*d++ = 0;

-- 
  John-Mark Gurney				Voice: +1 415 225 5579

     "All that I will do, has been done, All that I have, has not."

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050506062013.GD2670>