On Mon, Jun 01, 2009 at 09:03:30AM +0900, Ken'ichi Ohmichi wrote: > > Hi Dhaval, > > Dhaval Giani wrote: > > On Fri, May 29, 2009 at 11:33:23AM +0900, Ken'ichi Ohmichi wrote: > >> Hi, > >> > >> It actually walks through 'user' twice, once to compute length by > >> strlen() and then it's actually copied by strncpy(). So that is the > >> same as call strcpy(). > >> > >> > >> Thanks > >> Ken'ichi Ohmichi > >> > >> Reported-by: Jan Safranek <[email protected]> > >> Signed-off-by: Ken'ichi Ohmichi <[email protected]> > >> --- > >> src/api.c | 4 ++-- > >> 1 files changed, 2 insertions(+), 2 deletions(-) > >> > >> diff --git a/src/api.c b/src/api.c > >> index 4f88d20..944dc48 100644 > >> --- a/src/api.c > >> +++ b/src/api.c > >> @@ -476,8 +476,8 @@ static int cgroup_parse_rules(bool cache, uid_t muid, > >> gid_t mgid) > >> > >> newrule->uid = uid; > >> newrule->gid = gid; > >> - strncpy(newrule->name, user, strlen(user)); > >> - strncpy(newrule->destination, destination, strlen(destination)); > >> + strcpy(newrule->name, user); > >> + strcpy(newrule->destination, destination); > > > > NAK. please change it to > > > > strncpy(newrule->name, user, LOGIN_NAME_MAX -1) > > > > and similarly please. We want the strncpy for safety. > > OK, and I updated the patch for the readability :-) >
Can you please resend with your Signed-off-by and a changelog? I will merge it in. Thanks, > > Thanks > Ken'ichi Ohmichi > Acked-by: Dhaval Giani <[email protected]> > --- > src/api.c | 5 +++-- > 1 files changed, 3 insertions(+), 2 deletions(-) > > diff --git a/src/api.c b/src/api.c > index 4f88d20..43f08d0 100644 > --- a/src/api.c > +++ b/src/api.c > @@ -476,8 +476,9 @@ static int cgroup_parse_rules(bool cache, uid_t muid, > gid_t mgid) > > newrule->uid = uid; > newrule->gid = gid; > - strncpy(newrule->name, user, strlen(user)); > - strncpy(newrule->destination, destination, strlen(destination)); > + strncpy(newrule->name, user, sizeof(newrule->name) - 1); > + strncpy(newrule->destination, destination, > + sizeof(newrule->destination) - 1); > newrule->next = NULL; > > /* Parse the controller list, and add that to newrule too. */ > > ------------------------------------------------------------------------------ > Register Now for Creativity and Technology (CaT), June 3rd, NYC. CaT > is a gathering of tech-side developers & brand creativity professionals. Meet > the minds behind Google Creative Lab, Visual Complexity, Processing, & > iPhoneDevCamp as they present alongside digital heavyweights like Barbarian > Group, R/GA, & Big Spaceship. http://p.sf.net/sfu/creativitycat-com > _______________________________________________ > Libcg-devel mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/libcg-devel -- regards, Dhaval ------------------------------------------------------------------------------ OpenSolaris 2009.06 is a cutting edge operating system for enterprises looking to deploy the next generation of Solaris that includes the latest innovations from Sun and the OpenSource community. Download a copy and enjoy capabilities such as Networking, Storage and Virtualization. Go to: http://p.sf.net/sfu/opensolaris-get _______________________________________________ Libcg-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/libcg-devel
