[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH] tools: libxl: NULL terminate partially constructed hex string

Coverity (correctly) complains that the strncpy(p, "0x", 2) will not
null terminate p.

Although we can see that in the rest of the function p will
definitely be NULL terminated by the time it is complete there is no
harm in passing 3 to the strncpy and allowing it to NULL terminate to
placate Coverity. We know this is safe because the allocation to hold
the string includes a "+3" for the 0x and the terminating NULL.

Compile tested only.

CID: 1198708

Signed-off-by: Ian Campbell <ian.campbell@xxxxxxxxxx>
I flip-flopped on just telling Coverity this was a false +ve, but
mainly landed on this course of action because the issue was marked as
"fix required" by Ian J in the coverity interface (it was also marked
"insignificant" FWIW).
 tools/libxl/libxl_utils.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tools/libxl/libxl_utils.c b/tools/libxl/libxl_utils.c
index e42422a..672d3f8 100644
--- a/tools/libxl/libxl_utils.c
+++ b/tools/libxl/libxl_utils.c
@@ -780,7 +780,7 @@ char *libxl_bitmap_to_hex_string(libxl_ctx *ctx, const 
libxl_bitmap *bitmap)
     int i = bitmap->size;
     char *p = libxl__zalloc(NOGC, bitmap->size * 2 + 3);
     char *q = p;
-    strncpy(p, "0x", 2);
+    strncpy(p, "0x", 3);
     p += 2;
     while(--i >= 0) {
         sprintf(p, "%02x", bitmap->map[i]);

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.