Date: Sun, 02 May 2010 12:06:55 +0200
From: Matthias Andree <matthias.andree@tu-dortmund.de>
To: Alfred Perlstein <alfred@freebsd.org>
Cc: hackers@freebsd.org
Subject: Re: Coverity warning: strncpy(cpi->dev_name, cam_sim_name(sim), DEV_IDLEN);
Message-ID: <4BDD4EBF.5040807@tu-dortmund.de>
In-Reply-To: <20100501223524.GU36233@elvis.mu.org>
References: <20100501223524.GU36233@elvis.mu.org>

Alfred Perlstein wrote:
> I notice this code sprinkled through the sources:
> strncpy(cpi->dev_name, cam_sim_name(sim), DEV_IDLEN);
>
> This trips up coverity because it does not know for sure
> that the string returned by cam_sim_name() is going to
> be DEV_IDLEN-1 characters long.

Right. strncpy/strncat are examples of features that the C standard's libc
had better never have had, similar to [f]gets...

> Should we switch these calls to strlcpy? Is there a smarter
> thing to do to code more defensively?

If dev_name is a vector of char or equally sized types:

(cpi->dev_name)[DEV_IDLEN-1] = '\0';

However, rather than relying on implicit assumptions and inefficiencies, I'd
still prefer memset + strlcpy.

-- 
Matthias Andree
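
Added example, not part of the original message or of the FreeBSD source: the three copy patterns discussed in this thread, run against a name that is too long for the buffer. The struct, the DEV_IDLEN value, the sample names and example_strlcpy (a local stand-in with strlcpy semantics) are assumptions made for the example.

```c
#include <string.h>

#define DEV_IDLEN 16   /* assumed buffer size for this example */
#define TERMINATED(c) (memchr((c)->dev_name, '\0', DEV_IDLEN) != NULL)

struct example_cpi {   /* constructed stand-in; only dev_name matters */
    char dev_name[DEV_IDLEN];
    char guard;        /* canary: must never be overwritten */
};

/* Local stand-in with strlcpy(3) semantics, for libcs that lack strlcpy. */
static size_t example_strlcpy(char *dst, const char *src, size_t size)
{
    size_t len = strlen(src);
    if (size != 0) {
        size_t n = len < size - 1 ? len : size - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return len;        /* len >= size means the copy was truncated */
}

/* The flagged pattern: no NUL is written when strlen(name) >= DEV_IDLEN. */
int copy_strncpy_only(struct example_cpi *cpi, const char *name)
{
    strncpy(cpi->dev_name, name, DEV_IDLEN);
    return TERMINATED(cpi);
}

/* strncpy followed by the explicit terminator from the reply. */
int copy_strncpy_terminated(struct example_cpi *cpi, const char *name)
{
    strncpy(cpi->dev_name, name, DEV_IDLEN);
    (cpi->dev_name)[DEV_IDLEN - 1] = '\0';
    return TERMINATED(cpi);
}

/* memset + strlcpy: always terminated, and truncation is reported. */
int copy_memset_strlcpy(struct example_cpi *cpi, const char *name, int *truncated)
{
    memset(cpi->dev_name, 0, sizeof(cpi->dev_name));
    *truncated = example_strlcpy(cpi->dev_name, name, DEV_IDLEN) >= DEV_IDLEN;
    return TERMINATED(cpi);
}
```

Each function returns 1 when dev_name ends up NUL-terminated; only the strlcpy variant also tells the caller that the name was cut short.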