From 28c44ca97cd546ef8168e7476472a0da022b3421 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Petr=20=C5=A0tetiar?= Date: Mon, 23 May 2022 21:02:38 +0200 Subject: [PATCH] genl_family: explicitly null terminate strncpy destination buffer MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit The strncpy() function doesn't null terminate the destination string if the source string is at least as long as the destination. (This behavior is defined by the C99 specification.) As a result, the destination string must be null terminated after calling strncpy(). And clang11 static analyzer thus reports following: genl_family.c:148:2: error: ‘strncpy’ output may be truncated copying 15 bytes from a string of length 15 [-Werror=stringop-truncation] 148 | strncpy(grp->name, name, GENL_NAMSIZ - 1); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ References: https://gitlab.com/openwrt/project/libnl-tiny/-/jobs/2495301251#L197 Signed-off-by: Petr Štetiar --- genl_family.c | 1 + include/netlink/genl/family.h | 1 + 2 files changed, 2 insertions(+) diff --git a/genl_family.c b/genl_family.c index 221acfa..a0d83dc 100644 --- a/genl_family.c +++ b/genl_family.c @@ -146,6 +146,7 @@ int genl_family_add_grp(struct genl_family *family, uint32_t id, grp->id = id; strncpy(grp->name, name, GENL_NAMSIZ - 1); + grp->name[GENL_NAMSIZ - 1] = '\0'; nl_list_add_tail(&grp->list, &family->gf_mc_grps); diff --git a/include/netlink/genl/family.h b/include/netlink/genl/family.h index 8a1a38b..ca71181 100644 --- a/include/netlink/genl/family.h +++ b/include/netlink/genl/family.h @@ -82,6 +82,7 @@ static inline char *genl_family_get_name(struct genl_family *family) static inline void genl_family_set_name(struct genl_family *family, const char *name) { strncpy(family->gf_name, name, GENL_NAMSIZ-1); + family->gf_name[GENL_NAMSIZ - 1] = '\0'; family->ce_mask |= FAMILY_ATTR_NAME; } -- 2.30.2