When building libselinux on Fedora 33 with gcc 10.3.1, the compiler
reports:
label_file.c: In function ‘lookup_all.isra’:
label_file.c:940:4: error: ‘strncpy’ specified bound depends on the
length of the source argument [-Werror=stringop-overflow=]
940 | strncpy(clean_key, key, len - 1);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
label_file.c:927:8: note: length computed here
927 | len = strlen(key);
| ^~~~~~~~~~~
cc1: all warnings being treated as errors
As clean_key is the result of malloc(len), there is no issue here. But
using strncpy can be considered as strange, because the size of the
string is already known and the NUL terminator is always added later, in
function ‘lookup_all.isra.
Replace strncpy with memcpy to silence this gcc false-positive warning.
Signed-off-by: Nicolas Iooss <nicolas.iooss@xxxxxxx>
---
libselinux/src/label_file.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libselinux/src/label_file.c b/libselinux/src/label_file.c
index 726394ca4332..cfce23e0119e 100644
--- a/libselinux/src/label_file.c
+++ b/libselinux/src/label_file.c
@@ -909,7 +909,7 @@ static const struct spec **lookup_all(struct selabel_handle *rec,
if (!clean_key)
goto finish;
- strncpy(clean_key, key, len - 1);
+ memcpy(clean_key, key, len - 1);
}
clean_key[len - 1] = '\0';
--
2.31.0
