On 04/05/2021 10:16, Miroslav Lichvar wrote: > On Tue, May 04, 2021 at 04:43:51PM +0900, 박웅섭 wrote: >> 1.In the text->length=c->desc.userDescription.length part of clock.c line >> 368, the length declared in the static_ptp_text structure is of type signed >> int and the length declared in the text structure is unsigned int. Why did >> you write the code like this? Assigning Signed integers to unsigned >> integers can lead to overflow problems. > > In my copy of the code the length field of the PTPText structure is > uint8_t. It's a structure used in the network protocol. >
Yes, Miroslav is right. PTPText uses unsigned 8 bits as specify in IEEE 1558. As text length is positive or zero. Why should it be a problem? Look on static_ptp_text_set() the length is set using strlen() which is possitive or zero and the maximum length is 255. /* A static_ptp_text is like a PTPText but includes space to store the * text inside the struct. The text array must always be * null-terminated. Also tracks a maximum number of symbols. Note in * UTF-8, # symbols != # bytes. */ #define MAX_PTP_OCTETS 255 I assume static_ptp_text uses int for simlicity. But the length value is bound to unsigned 8 bits, 0 to 255. >> 2. The memcpy function is vulnerable to security. Wouldn't it be correct to >> use memcpy_s instead of memcpy function? > > Isn't that a Windows-only function? > No, C11 https://en.cppreference.com/w/c/string/byte/memcpy However, the make file does not specify standard. Perhaps some users defer C11. Erez _______________________________________________ Linuxptp-devel mailing list Linuxptp-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/linuxptp-devel