To meet requirements of Common Criteria certification vulnerablility assessment. Static code analysis has been run and found the following error: buffer_size_warning: Calling "strncpy" with a maximum size argument of 16 bytes on destination array "ve->name" of size 16 bytes might leave the destination string unterminated. The change is to make the destination size to fit the allocated size. Signed-off-by: Nigel Croxon <ncroxon@xxxxxxxxxx> --- super-ddf.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/super-ddf.c b/super-ddf.c index dc8e512f..486183ed 100644 --- a/super-ddf.c +++ b/super-ddf.c @@ -2637,9 +2637,10 @@ static int init_super_ddf_bvd(struct supertype *st, ve->init_state = DDF_init_not; memset(ve->pad1, 0xff, 14); - memset(ve->name, ' ', 16); + memset(ve->name, ' ', 15); + ve->name[15] = '\0'; if (name) - strncpy(ve->name, name, 16); + strncpy(ve->name, name, 15); ddf->virt->populated_vdes = cpu_to_be16(be16_to_cpu(ddf->virt->populated_vdes)+1); -- 2.29.2
