Re: [libgpiod][PATCH 2/4] lib: line-info strings termination

[Kent Gibson <warthog618@xxxxxxxxx>]

On Wed, Jul 17, 2024 at 01:36:42PM +0200, Iker Pedrosa wrote:
> strncpy() truncates the destination buffer if it isn't large enough to
> hold the copy. Thus, let's terminate the strings with a NULL character
> at the end.
>
> Signed-off-by: Iker Pedrosa <ikerpedrosam@xxxxxxxxx>
> ---
>  lib/line-info.c | 6 ++++--
>  1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/lib/line-info.c b/lib/line-info.c
> index 9f53b04..2ded9ea 100644
> --- a/lib/line-info.c
> +++ b/lib/line-info.c
> @@ -148,10 +148,12 @@ gpiod_line_info_from_uapi(struct gpio_v2_line_info *uapi_info)
>  	memset(info, 0, sizeof(*info));
>
>  	info->offset = uapi_info->offset;
> -	strncpy(info->name, uapi_info->name, GPIO_MAX_NAME_SIZE);
> +	strncpy(info->name, uapi_info->name, GPIO_MAX_NAME_SIZE - 1);
> +	info->name[GPIO_MAX_NAME_SIZE - 1] = '\0';
>

Given that uapi_info->name is not NULL terminated, this change can
incorrectly discard one character.  The correct solution is to increase
the size of info->name to allow for the NULL terminator, which would
automatically be initialised by the memset.

>  	info->used = !!(uapi_info->flags & GPIO_V2_LINE_FLAG_USED);
> -	strncpy(info->consumer, uapi_info->consumer, GPIO_MAX_NAME_SIZE);
> +	strncpy(info->consumer, uapi_info->consumer, GPIO_MAX_NAME_SIZE - 1);
> +	info->consumer[GPIO_MAX_NAME_SIZE - 1] = '\0';
>

Same here.

And same in patch 3.

Patches 1 and 4 look ok to me.

Cheers,
Kent.

>  	if (uapi_info->flags & GPIO_V2_LINE_FLAG_OUTPUT)
>  		info->direction = GPIOD_LINE_DIRECTION_OUTPUT;
> --
> 2.45.2
>