From 18cd5fe99f70a55a2d6f2303d6ee0624942695b1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Wed, 27 Mar 2013 23:16:32 -0400 Subject: [PATCH] catalog: make sure strings are terminated Coverity complains: systemd-199/src/journal/catalog.c:126: buffer_size_warning: Calling strncpy with a maximum size argument of 32 bytes on destination array "i->language" of size 32 bytes might leave the destination string unterminated. ...and unfortunately it was right. The string was defined as a fixed-size string in some parts of the code, and used a null-terminated string in others (e.g. in log statements). There's no point in conserving one byte, so just define the max language tag length to 31 bytes, and use null terminated strings everywhere. Also, wrap some lines, zero-fill less bytes, use '\0' instead of just 0 to be more explicit that this is one byte. --- src/journal/catalog.c | 26 +++++++++++++++----------- 1 file changed, 15 insertions(+), 11 deletions(-) diff --git a/src/journal/catalog.c b/src/journal/catalog.c index 7ae7b3eecf..b2c684ac2d 100644 --- a/src/journal/catalog.c +++ b/src/journal/catalog.c @@ -34,6 +34,7 @@ #include "hashmap.h" #include "strv.h" #include "strbuf.h" +#include "strxcpyx.h" #include "conf-files.h" #include "mkdir.h" #include "catalog.h" @@ -96,7 +97,7 @@ static int catalog_compare_func(const void *a, const void *b) { return 1; } - return strncmp(i->language, j->language, sizeof(i->language)); + return strcmp(i->language, j->language); } static int finish_item( @@ -123,12 +124,13 @@ static int finish_item( return log_oom(); i->id = id; - strncpy(i->language, language, sizeof(i->language)); + strscpy(i->language, sizeof(i->language), language); i->offset = htole64((uint64_t) offset); r = hashmap_put(h, i, i); if (r == EEXIST) { - log_warning("Duplicate entry for " SD_ID128_FORMAT_STR ".%s, ignoring.", SD_ID128_FORMAT_VAL(id), language ? language : "C"); + log_warning("Duplicate entry for " SD_ID128_FORMAT_STR ".%s, ignoring.", + SD_ID128_FORMAT_VAL(id), language ? language : "C"); free(i); return 0; } @@ -185,15 +187,15 @@ static int import_file(Hashmap *h, struct strbuf *sb, const char *path) { line[0] == '-' && line[1] == '-' && line[2] == ' ' && - (line[2+1+32] == ' ' || line[2+1+32] == 0)) { + (line[2+1+32] == ' ' || line[2+1+32] == '\0')) { bool with_language; sd_id128_t jd; /* New entry */ - with_language = line[2+1+32] != 0; - line[2+1+32] = 0; + with_language = line[2+1+32] != '\0'; + line[2+1+32] = '\0'; if (sd_id128_from_string(line + 2 + 1, &jd) >= 0) { @@ -211,21 +213,21 @@ static int import_file(Hashmap *h, struct strbuf *sb, const char *path) { log_error("[%s:%u] Language too short.", path, n); return -EINVAL; } - if (c > sizeof(language)) { + if (c > sizeof(language) - 1) { log_error("[%s:%u] language too long.", path, n); return -EINVAL; } - strncpy(language, t, sizeof(language)); + strscpy(language, sizeof(language), t); } else - zero(language); + language[0] = '\0'; got_id = true; empty_line = false; id = jd; if (payload) - payload[0] = 0; + payload[0] = '\0'; continue; } @@ -324,7 +326,9 @@ int catalog_update(void) { n = 0; HASHMAP_FOREACH(i, h, j) { - log_debug("Found " SD_ID128_FORMAT_STR ", language %s", SD_ID128_FORMAT_VAL(i->id), isempty(i->language) ? "C" : i->language); + log_debug("Found " SD_ID128_FORMAT_STR ", language %s", + SD_ID128_FORMAT_VAL(i->id), + isempty(i->language) ? "C" : i->language); items[n++] = *i; }