From: Matthias Andree
Date: Sun, 02 May 2010 12:06:55 +0200
To: Alfred Perlstein
Cc: hackers@freebsd.org
Subject: Re: Coverity warning: strncpy(cpi->dev_name, cam_sim_name(sim), DEV_IDLEN);
Message-ID: <4BDD4EBF.5040807@tu-dortmund.de>
In-Reply-To: <20100501223524.GU36233@elvis.mu.org>

Alfred Perlstein wrote:
> I notice this code sprinkled through the sources:
> strncpy(cpi->dev_name, cam_sim_name(sim), DEV_IDLEN);
>
> This trips up coverity because it does not know for sure
> that the string returned by cam_sim_name() is going to
> be DEV_IDLEN-1 characters long.

Right. strncpy/strncat are examples of features that the C standard's libc had
better never have had, similar to [f]gets...

> Should we switch these calls to strlcpy? Is there a smarter
> thing to do to code more defensively?

If dev_name is a vector of char or equally sized types:

(cpi->dev_name)[DEV_IDLEN-1] = '\0';

However, rather than relying on implicit assumptions and inefficiencies, I'd
still prefer memset + strlcpy.

-- 
Matthias Andree
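
The three copy patterns discussed in this thread, as an added C example that is not part of the original message or of FreeBSD's source. `DEV_IDLEN` is set to 16 here as an assumed value, the function names are hypothetical, and `zero_then_copy` is a local stand-in for memset + strlcpy so the block builds on a libc that lacks strlcpy.

```c
#include <stdio.h>
#include <string.h>

#define DEV_IDLEN 16 /* assumed field size for this example */

/* 1 if buf[0..n-1] contains a NUL terminator, else 0. */
static int is_terminated(const char *buf, size_t n) {
    return memchr(buf, '\0', n) != NULL;
}

/* The flagged pattern: no terminator is written when strlen(src) >= DEV_IDLEN. */
static int flagged_copy(char *dst, const char *src) {
    memset(dst, 0xAA, DEV_IDLEN); /* simulate stale, non-zero contents */
    strncpy(dst, src, DEV_IDLEN);
    return is_terminated(dst, DEV_IDLEN);
}

/* Fix from the message: force the last element to NUL after strncpy. */
static int forced_nul_copy(char *dst, const char *src) {
    memset(dst, 0xAA, DEV_IDLEN);
    strncpy(dst, src, DEV_IDLEN);
    dst[DEV_IDLEN - 1] = '\0';
    return is_terminated(dst, DEV_IDLEN);
}

/* memset + bounded copy; local stand-in for strlcpy(3).
 * Returns strlen(src), so a result >= dstsz means the name was truncated. */
static size_t zero_then_copy(char *dst, size_t dstsz, const char *src) {
    size_t srclen = strlen(src);
    memset(dst, 0, dstsz);
    if (dstsz > 0)
        memcpy(dst, src, srclen < dstsz ? srclen : dstsz - 1);
    return srclen;
}

int main(void) {
    char name[DEV_IDLEN];
    const char *longname = "sixteen_chars_xx"; /* constructed: exactly 16 chars */

    printf("strncpy only, terminated: %d\n", flagged_copy(name, longname));
    printf("strncpy + NUL, terminated: %d\n", forced_nul_copy(name, longname));
    size_t want = zero_then_copy(name, sizeof(name), longname);
    printf("zero + copy: \"%s\" truncated=%d\n", name, want >= sizeof(name));
    return 0;
}
```

Unlike the forced-NUL variant, the return value of `zero_then_copy` lets the caller detect that the name was truncated rather than silently shortening it.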