Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 2 Dec 2005 11:17:28 -0500
From:      Garance A Drosehn <gad@FreeBSD.org>
To:        Doug Ambrisko <ambrisko@ambrisko.com>, Pawel Jakub Dawidek <pjd@FreeBSD.org>
Cc:        Doug Ambrisko <ambrisko@FreeBSD.org>, src-committers@FreeBSD.org, cvs-all@FreeBSD.org, cvs-src@FreeBSD.org
Subject:   Re: cvs commit: src Makefile.inc1 src/lib/libc/gen __xuname.c getosreldate.c
Message-ID:  <p06230903bfb623722768@[128.113.24.47]>
In-Reply-To: <200512021457.jB2EvWbr075948@ambrisko.com>
References:  <200512021457.jB2EvWbr075948@ambrisko.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
At 6:57 AM -0800 12/2/05, Doug Ambrisko wrote:
>Pawel Jakub Dawidek writes:
>| [...]
>| +> 	name->sysname[sizeof(name->sysname) - 1] = '\0';
>| +> +	if ((p = getenv("UNAME_s")))
>| +> +		strncpy(name->sysname, p, sizeof(name->sysname));
>| [...]
>| +> 	name->release[sizeof(name->release) - 1] = '\0';
>| +> +	if ((p = getenv("UNAME_r")))
>| +> +		strncpy(name->release, p, sizeof(name->release));
>| [...]
>| +> +	if ((p = getenv("UNAME_v")))
>| +> +		strncpy(name->version, p, sizeof(name->version));
>| [...]
>| +> 	name->machine[sizeof(name->machine) - 1] = '\0';
>| +> +	if ((p = getenv("UNAME_m")))
>| +> +		strncpy(name->machine, p, sizeof(name->machine));
>|
>| As you can see, previous code tried to NULL-terminate buffer
>| copied using strncpy(3) properly and you inserted your changes
>| after these terminations. Please, NULL-terminate the buffers
>| after using strncpy(3).
>
>The prior code had to NULL-terminate by hand since the data could
>come from the sysctl not NULL-terminate.  I thought the strncpy
>would NULL-terminate but you are correct.

strncpy is meant for strings where you don't want null-termination
(such as fixed-length fields in structs).  It was not meant for
situations like this.  Code like this should use strlcpy() instead.

-- 
Garance Alistair Drosehn     =      gad@gilead.netel.rpi.edu
Senior Systems Programmer               or   gad@FreeBSD.org
Rensselaer Polytechnic Institute;             Troy, NY;  USA

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?p06230903bfb623722768>