In the setPyVirTypedParameter we try to produce virTypedParameter array from a pyhthon dictionary. However, when copying field name into item in returned array, we use strncpy() as the field name is fixed length array. To determine its size we use sizeof() but mistakenly dereference it resulting in sizeof(char) which equals to 1 byte. Moreover, there's no need for using sizeof() when we have a global macro to tell us the length of the field name: VIR_TYPED_PARAM_FIELD_LENGTH. And since array is allocated using VIR_ALLOC() we are sure the memory is initially filled with zeros. Hence, there's no need to terminate string we've just copied into field name with '\0' character. It's there for sure too as we copy up to field length - 1. Signed-off-by: Michal Privoznik <mprivozn@xxxxxxxxxx> --- libvirt-override.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/libvirt-override.c b/libvirt-override.c index 83369fc..3765a43 100644 --- a/libvirt-override.c +++ b/libvirt-override.c @@ -197,8 +197,7 @@ setPyVirTypedParameter(PyObject *info, goto cleanup; } - strncpy(temp->field, keystr, sizeof(*temp->field) - 1); - temp->field[sizeof(*temp->field) - 1] = '\0'; + strncpy(temp->field, keystr, VIR_TYPED_PARAM_FIELD_LENGTH - 1); temp->type = params[i].type; VIR_FREE(keystr); -- 1.9.0 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list