[jira] [Commented] (DISPATCH-1009) _qd_policy_link_user_name_subst can return an unterminated string

[ASF subversion and git services (JIRA)]

    [ 
https://issues.apache.org/jira/browse/DISPATCH-1009?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16759922#comment-16759922
 ] 

ASF subversion and git services commented on DISPATCH-1009:
-----------------------------------------------------------

Commit 0f7ab6d623b90cc57d99c1a4b42090c48cd4ac28 in qpid-dispatch's branch 
refs/heads/master from Jiri Danek
[ https://gitbox.apache.org/repos/asf?p=qpid-dispatch.git;h=0f7ab6d ]

NO-JIRA: remove unused declaration of _qd_policy_link_user_name_subst

Relates to DISPATCH-1009, DISPATCH-1011 which removed the implementation.


> _qd_policy_link_user_name_subst can return an unterminated string
> -----------------------------------------------------------------
>
>                 Key: DISPATCH-1009
>                 URL: https://issues.apache.org/jira/browse/DISPATCH-1009
>             Project: Qpid Dispatch
>          Issue Type: Bug
>          Components: Policy Engine
>    Affects Versions: 1.0.1
>            Reporter: Alan Conway
>            Assignee: Chuck Rolke
>            Priority: Major
>
> On fedora 28 the gcc 8.1.1 compiler gives this warning-as-error:
> /home/aconway/dispatch/src/policy.c: In function 
> '_qd_policy_link_user_name_subst':
> /home/aconway/dispatch/src/policy.c:541:9: error: 'strncpy' output may be 
> truncated copying between 0 and 8 bytes from a string of length 7 
> [-Werror=stringop-truncation]
>          strncpy(obuf, duser, copysize);
>          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> cc1: all warnings being treated as errors
>  
> The error is correct: the function is using strncpy to copy a string into a 
> space that may be too small for it, resulting in an un-terminated string.
> I fixed some similar issues already but I'm confused by what's going on here: 
> it looks like we are searching for the uname parameter and replacing it with 
> "${user}" which seems backwards.
> The function would be simpler and clearer if it used snprintf rather than 
> successive strncpy, i.e.
>     n = snprintf(obuf, osize, "%s%s%s", leading, duser, trailing);
> but the problem of properly handling the error if the resulting string is too 
> big for obuf remains.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org