[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 6/7] libxc: Fix misleading use of strncpy code in build_hvm_info()



On 01/07/15 18:37, Jennifer Herbert wrote:
> hvm_info->signature is not a string, but an 64 bit int, and is not
> NULL terminated.  The use of strncpy to populate it is inappropriate and
> potentially misleading.  A cursory glance might have you thinking someone
> had miscounted the length of the string literal - not realising it was
> intentionally cropping of the null termination.
> Also, since we wish to initialise all of hvm_info->signature, and
> certainly no more, the use of sizeof is safer.
>
> Signed-off-by: Jennifer Herbert <jennifer.herbert@xxxxxxxxxx>

Coverity-ID: 1198710

~Andrew

> ---
>  tools/libxc/xc_hvm_build_x86.c |    2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/tools/libxc/xc_hvm_build_x86.c b/tools/libxc/xc_hvm_build_x86.c
> index 003ea06..ec5ef4d 100644
> --- a/tools/libxc/xc_hvm_build_x86.c
> +++ b/tools/libxc/xc_hvm_build_x86.c
> @@ -99,7 +99,7 @@ static void build_hvm_info(void *hvm_info_page,
>      memset(hvm_info_page, 0, PAGE_SIZE);
>  
>      /* Fill in the header. */
> -    strncpy(hvm_info->signature, "HVM INFO", 8);
> +    memcpy(hvm_info->signature, "HVM INFO", sizeof(hvm_info->signature));
>      hvm_info->length = sizeof(struct hvm_info_table);
>  
>      /* Sensible defaults: these can be overridden by the caller. */


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.