[PATCH] Fix buffer size warning for strcpy

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



To meet requirements of Common Criteria certification vulnerablility
assessment. Static code analysis has been run and found the following
error:
buffer_size_warning: Calling "strncpy" with a maximum size
argument of 16 bytes on destination array "ve->name" of
size 16 bytes might leave the destination string unterminated.

The change is to make the destination size to fit the allocated size.

Signed-off-by: Nigel Croxon <ncroxon@xxxxxxxxxx>
---
 super-ddf.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/super-ddf.c b/super-ddf.c
index dc8e512f..486183ed 100644
--- a/super-ddf.c
+++ b/super-ddf.c
@@ -2637,9 +2637,10 @@ static int init_super_ddf_bvd(struct supertype *st,
 		ve->init_state = DDF_init_not;
 
 	memset(ve->pad1, 0xff, 14);
-	memset(ve->name, ' ', 16);
+	memset(ve->name, ' ', 15);
+	ve->name[15] = '\0';
 	if (name)
-		strncpy(ve->name, name, 16);
+		strncpy(ve->name, name, 15);
 	ddf->virt->populated_vdes =
 		cpu_to_be16(be16_to_cpu(ddf->virt->populated_vdes)+1);
 
-- 
2.29.2




[Index of Archives]     [Linux RAID Wiki]     [ATA RAID]     [Linux SCSI Target Infrastructure]     [Linux Block]     [Linux IDE]     [Linux SCSI]     [Linux Hams]     [Device Mapper]     [Device Mapper Cryptographics]     [Kernel]     [Linux Admin]     [Linux Net]     [GFS]     [RPM]     [git]     [Yosemite Forum]


  Powered by Linux