Date: Sat, 27 Jan 2018 23:31:11 +0100 From: Dimitry Andric <dim@FreeBSD.org> To: Ed Schouten <ed@nuxi.nl> Cc: "Pedro F. Giffuni" <pfg@freebsd.org>, src-committers <src-committers@freebsd.org>, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r328492 - head/contrib/opie/libopie Message-ID: <7C471160-44B3-4EA6-8995-08A4EB4332A1@FreeBSD.org> In-Reply-To: <CABh_MKn=3pRWyMHUAQkG17dQVBFEwFA2esFixPtgkCt7VE5oCw@mail.gmail.com> References: <201801272216.w0RMGJwo057492@repo.freebsd.org> <CABh_MKn=3pRWyMHUAQkG17dQVBFEwFA2esFixPtgkCt7VE5oCw@mail.gmail.com>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] On 27 Jan 2018, at 23:20, Ed Schouten <ed@nuxi.nl> wrote: > > 2018-01-27 23:16 GMT+01:00 Pedro F. Giffuni <pfg@freebsd.org>: >> char host[sizeof(utmp.ut_host) + 1]; >> insecure = 1; >> >> - strncpy(host, utmp.ut_host, sizeof(utmp.ut_host)); >> - host[sizeof(utmp.ut_host)] = 0; >> + strncpy(host, utmp.ut_host, sizeof(host)); > > Wait... This may access utmp.ut_host one byte past the end and no > longer guarantees that host is null-terminated, right? No, strncpy "copies at most len characters from src into dst". However, if the length of the source is equal to or greater than len, the destination is *not* null terminated. This is likely why the "host[sizeof(utmp.ut_host)] = 0;" statement was added. In any case, this is why strlcpy exists. :) -Dimitry [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.2 iF0EARECAB0WIQR6tGLSzjX8bUI5T82wXqMKLiCWowUCWmz9rwAKCRCwXqMKLiCW ozvjAJwOzX8s9AFtYs55JtxbfsyJl3NHUwCZAVBzD3h33L0t/vC4Q1gNTs2A9es= =aCkh -----END PGP SIGNATURE-----home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?7C471160-44B3-4EA6-8995-08A4EB4332A1>