This commit fixes two adjacent strncpys that could result
in unterminated strings:
CID 1412144 (#2 of 2): Buffer not null terminated
(BUFFER_SIZE_WARNING)13. buffer_size_warning: Calling strncpy with a
maximum size argument of 100 bytes on destination array
cntl_value->value of size 100 bytes might leave the destination string
unterminated.
Signed-off-by: Tom Hromatka <tom.hroma...@oracle.com>
---
src/wrapper.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/wrapper.c b/src/wrapper.c
index ee98ac5c70d9..20ecc13932a7 100644
--- a/src/wrapper.c
+++ b/src/wrapper.c
@@ -196,7 +196,9 @@ int cgroup_add_value_string(struct cgroup_controller
*controller,
return ECGCONTROLLERCREATEFAILED;
strncpy(cntl_value->name, name, sizeof(cntl_value->name));
+ cntl_value->name[sizeof(cntl_value->name)-1] = '\0';
strncpy(cntl_value->value, value, sizeof(cntl_value->value));
+ cntl_value->value[sizeof(cntl_value->value)-1] = '\0';
cntl_value->dirty = true;
controller->values[controller->index] = cntl_value;
controller->index++;
--
1.8.3.1
_______________________________________________
Libcg-devel mailing list
Libcg-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/libcg-devel
