Coverity is warning about a buffer overflow - copying a directory entry
(potential length 256) into a 100-char buffer.

sysfs.c - function sysfs_unique_holder - ll 920-925

            continue;
        if (de->d_name[0] == '.')
            continue;
        strcpy(dirname+l, "/");
        strcat(dirname+l, de->d_name);
        n = readlink(dirname, buf, sizeof(buf)-1);

What's the best way to fix this? My immediate reaction is to increase
the size of the buffer, but that's really just papering over it. The
proper way is presumably strncpy, but what do I do if the copy fails? Is
there a standard way of bailing out safely, or do I need to find a
unique way for each scenario? I'm guessing here, it looks like I should
just bail with a -1 error return code?
Sorry for being a newbie hassling for advice, but hopefully I'll soon be
up to speed and will know what to do :-)
Cheers,
Wol
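
One way to do the bounded append asked about above, as an added example that is not part of the original post or of the project's code: snprintf() reports the length it needed, so truncation can be detected and turned into an error return. The names append_entry and count_symlinks are hypothetical, and returning -1 on an over-long name is an assumption that follows the guess in the post.

```c
#define _POSIX_C_SOURCE 200809L
#include <dirent.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical helper: write "/" + name at offset l of dirname (capacity
 * size). Returns 0 on success, -1 if the result would not fit; on failure
 * the buffer is cut back to its original l-byte prefix. */
int append_entry(char *dirname, size_t size, size_t l, const char *name)
{
	int n;

	if (l >= size)
		return -1;
	n = snprintf(dirname + l, size - l, "/%s", name);
	if (n < 0 || (size_t)n >= size - l) {
		dirname[l] = '\0';	/* undo the truncated write */
		return -1;
	}
	return 0;
}

/* Hypothetical caller with the same loop shape as the excerpt: count the
 * symlinks directly under dir. Returns -1 if dir cannot be opened or an
 * entry name does not fit in the 100-byte path buffer. */
int count_symlinks(const char *dir)
{
	char dirname[100], buf[1024];
	struct dirent *de;
	size_t l = strlen(dir);
	int count = 0;
	DIR *d;

	if (l >= sizeof(dirname) || (d = opendir(dir)) == NULL)
		return -1;
	memcpy(dirname, dir, l + 1);
	while ((de = readdir(d)) != NULL) {
		if (de->d_name[0] == '.')
			continue;
		if (append_entry(dirname, sizeof(dirname), l, de->d_name) < 0) {
			closedir(d);	/* bail out instead of overflowing */
			return -1;
		}
		if (readlink(dirname, buf, sizeof(buf) - 1) >= 0)
			count++;
	}
	closedir(d);
	return count;
}
```

strncpy() on its own does not report truncation and may leave the destination without a terminating NUL, which is why the check here is on snprintf()'s return value.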