Added a guaranteed null-terminate after call to strncpy.
Signed-off-by: Rickard Strandqvist <[email protected]>
---
Documentation/laptops/freefall.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/Documentation/laptops/freefall.c b/Documentation/laptops/freefall.c
index aab2ff0..113d004 100644
--- a/Documentation/laptops/freefall.c
+++ b/Documentation/laptops/freefall.c
@@ -33,8 +33,10 @@ static int set_unload_heads_path(char *device)
if (strlen(device) <= 5 || strncmp(device, "/dev/", 5) != 0)
return -EINVAL;
- strncpy(devname, device + 5, sizeof(devname) - 1);
- strncpy(device_path, device, sizeof(device_path) - 1);
+ strncpy(devname, device + 5, sizeof(devname));
+ devname[sizeof(devname) - 1] = '\0';
+ strncpy(device_path, device, sizeof(device_path));
+ device_path[sizeof(device_path) - 1] = '\0';
snprintf(unload_heads_path, sizeof(unload_heads_path) - 1,
"/sys/block/%s/device/unload_heads", devname);
--
1.7.10.4
On Sun 2014-07-27 16:40:43, Rickard Strandqvist wrote:
> Added a guaranteed null-terminate after call to strncpy.
>
> Signed-off-by: Rickard Strandqvist <[email protected]>
Acked-by: Pavel Machek <[email protected]>
On 07/27/14 07:40, Rickard Strandqvist wrote:
> Added a guaranteed null-terminate after call to strncpy.
>
> Signed-off-by: Rickard Strandqvist <[email protected]>
> ---
> Documentation/laptops/freefall.c | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/Documentation/laptops/freefall.c b/Documentation/laptops/freefall.c
> index aab2ff0..113d004 100644
> --- a/Documentation/laptops/freefall.c
> +++ b/Documentation/laptops/freefall.c
> @@ -33,8 +33,10 @@ static int set_unload_heads_path(char *device)
>
> if (strlen(device) <= 5 || strncmp(device, "/dev/", 5) != 0)
> return -EINVAL;
> - strncpy(devname, device + 5, sizeof(devname) - 1);
> - strncpy(device_path, device, sizeof(device_path) - 1);
Maybe I am overlooking something here, but what was wrong with
the - 1 (2 times) above? and then just add the 2 lines below that set the
last byte to '\0'?
> + strncpy(devname, device + 5, sizeof(devname));
> + devname[sizeof(devname) - 1] = '\0';
> + strncpy(device_path, device, sizeof(device_path));
> + device_path[sizeof(device_path) - 1] = '\0';
>
> snprintf(unload_heads_path, sizeof(unload_heads_path) - 1,
> "/sys/block/%s/device/unload_heads", devname);
>
--
~Randy
On Sun 2014-07-27 16:03:44, Randy Dunlap wrote:
> On 07/27/14 07:40, Rickard Strandqvist wrote:
> > Added a guaranteed null-terminate after call to strncpy.
> >
> > Signed-off-by: Rickard Strandqvist <[email protected]>
> > ---
> > Documentation/laptops/freefall.c | 6 ++++--
> > 1 file changed, 4 insertions(+), 2 deletions(-)
> >
> > diff --git a/Documentation/laptops/freefall.c b/Documentation/laptops/freefall.c
> > index aab2ff0..113d004 100644
> > --- a/Documentation/laptops/freefall.c
> > +++ b/Documentation/laptops/freefall.c
> > @@ -33,8 +33,10 @@ static int set_unload_heads_path(char *device)
> >
> > if (strlen(device) <= 5 || strncmp(device, "/dev/", 5) != 0)
> > return -EINVAL;
> > - strncpy(devname, device + 5, sizeof(devname) - 1);
> > - strncpy(device_path, device, sizeof(device_path) - 1);
>
> Maybe I am overlooking something here, but what was wrong with
> the - 1 (2 times) above? and then just add the 2 lines below that set the
> last byte to '\0'?
Actually device_path is static, so it will be zero-initialized and
explicit set is not neccessary AFAICT.
(devname is auto -> needs explicit set).
Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
devname is automatic variable, so it may not contain 0 at the last
position.
Reported-by: Rickard Strandqvist <[email protected]>
Signed-off-by: Pavel Machek <[email protected]>
diff --git a/Documentation/laptops/freefall.c b/Documentation/laptops/freefall.c
index aab2ff0..93a7ebf 100644
--- a/Documentation/laptops/freefall.c
+++ b/Documentation/laptops/freefall.c
@@ -29,7 +29,8 @@ static const char app_name[] = "FREE FALL";
static int set_unload_heads_path(char *device)
{
- char devname[64];
+ /* static for zero termination */
+ static char devname[64];
if (strlen(device) <= 5 || strncmp(device, "/dev/", 5) != 0)
return -EINVAL;
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
Copying to local variable is actually not neccessary, if all we need
to do is snprintf(). This also removes problem where devname could be
missing zero termination.
Reported-by: Rickard Strandqvist <[email protected]>
Signed-off-by: Pavel Machek <[email protected]>
diff --git a/Documentation/laptops/freefall.c b/Documentation/laptops/freefall.c
index aab2ff0..5e44b20 100644
--- a/Documentation/laptops/freefall.c
+++ b/Documentation/laptops/freefall.c
@@ -29,15 +29,12 @@ static const char app_name[] = "FREE FALL";
static int set_unload_heads_path(char *device)
{
- char devname[64];
-
if (strlen(device) <= 5 || strncmp(device, "/dev/", 5) != 0)
return -EINVAL;
- strncpy(devname, device + 5, sizeof(devname) - 1);
strncpy(device_path, device, sizeof(device_path) - 1);
snprintf(unload_heads_path, sizeof(unload_heads_path) - 1,
- "/sys/block/%s/device/unload_heads", devname);
+ "/sys/block/%s/device/unload_heads", device+5);
return 0;
}
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
On 07/28/14 04:13, Pavel Machek wrote:
>
> Copying to local variable is actually not neccessary, if all we need
> to do is snprintf(). This also removes problem where devname could be
> missing zero termination.
>
> Reported-by: Rickard Strandqvist <[email protected]>
> Signed-off-by: Pavel Machek <[email protected]>
Applied. Thanks.
>
> diff --git a/Documentation/laptops/freefall.c b/Documentation/laptops/freefall.c
> index aab2ff0..5e44b20 100644
> --- a/Documentation/laptops/freefall.c
> +++ b/Documentation/laptops/freefall.c
> @@ -29,15 +29,12 @@ static const char app_name[] = "FREE FALL";
>
> static int set_unload_heads_path(char *device)
> {
> - char devname[64];
> -
> if (strlen(device) <= 5 || strncmp(device, "/dev/", 5) != 0)
> return -EINVAL;
> - strncpy(devname, device + 5, sizeof(devname) - 1);
> strncpy(device_path, device, sizeof(device_path) - 1);
>
> snprintf(unload_heads_path, sizeof(unload_heads_path) - 1,
> - "/sys/block/%s/device/unload_heads", devname);
> + "/sys/block/%s/device/unload_heads", device+5);
> return 0;
> }
>
>
>
>
--
~Randy