On Tue Aug 24, 2021 at 08:46:49AM +1000, NeilBrown wrote:
> On Mon, 23 Aug 2021, Tkaczyk, Mariusz wrote:
> > On 19.08.2021 15:10, Nigel Croxon wrote:
> >
> > > + memset(ve->name, '\0', sizeof(ve->name));
> > > + if (name) {
> > > + int l = strlen(ve->name);
> > > + if (l > 16)
> > > + l = 16;
> > > + memcpy(ve->name, name, l);
> > > + }
> >
> > What about:
> > if (name)
> > /*
> > * Name might not be null terminated.
> > */
> > strncpy(ve->name, name, sizeof(ve->name));
>
> I really like the idea of using strncpy(). I didn't realize it would
> nul-pad to the full size, and that is exactly what we want.
> So
>
> strncpy(ve->name, name?:"", sizeof(ve->name));
>
> would be a complete solution.
>
Except that won't get rid of the buffer warning that was the point of
this patch:
buffer_size_warning: Calling "strncpy" with a maximum size
argument of 16 bytes on destination array "ve->name" of
size 16 bytes might leave the destination string unterminated.
Looking at the code, I don't think we're relying on the destination
string being null terminated anyway (if it's the full 16 bytes), so it's
not actually going to cause an issue, but we'll still be left with the
warning. Presumably using memcpy doesn't flag on this (as it then
doesn't know the value being copied is meant to be a string), which is
why that was being proposed.
Cheers.
Robin
