On Thu, 19 Aug 2021, Nigel Croxon wrote:
> To meet requirements of Common Criteria certification vulnerability
> assessment. Static code analysis has been run and found the following
> error:
> buffer_size_warning: Calling "strncpy" with a maximum size
> argument of 16 bytes on destination array "ve->name" of
> size 16 bytes might leave the destination string unterminated.
>
> The change is to make the destination size to fit the allocated size.
You really should explain here why we change from filling with spaces to
filling with nuls.
>
> V2: Change from zero-terminated to zero-padded on memset and
> change from using strncpy to memcpy, feedback from Neil Brown.
>
> Signed-off-by: Nigel Croxon <ncroxon@xxxxxxxxxx>
> ---
> super-ddf.c | 10 +++++++---
> 1 file changed, 7 insertions(+), 3 deletions(-)
>
> diff --git a/super-ddf.c b/super-ddf.c
> index dc8e512..1771316 100644
> --- a/super-ddf.c
> +++ b/super-ddf.c
> @@ -2637,9 +2637,13 @@ static int init_super_ddf_bvd(struct supertype *st,
> ve->init_state = DDF_init_not;
>
> memset(ve->pad1, 0xff, 14);
> - memset(ve->name, ' ', 16);
> - if (name)
> - strncpy(ve->name, name, 16);
> + memset(ve->name, '\0', sizeof(ve->name));
> + if (name) {
> + int l = strlen(ve->name);
> + if (l > 16)
> + l = 16;
> + memcpy(ve->name, name, l);
> + }
Reviewed-by: NeilBrown <neilb@xxxxxxx>
Thanks,
NeilBrown
> ddf->virt->populated_vdes =
> cpu_to_be16(be16_to_cpu(ddf->virt->populated_vdes)+1);
>
> --
> 2.29.2
>
>
