genl_family: explicitly null terminate strncpy destination buffer [staging/ynezz/fix-strncpy]
author Petr Štetiar <ynezz@true.cz>
Mon, 23 May 2022 19:02:38 +0000 (21:02 +0200)
committer Petr Štetiar <ynezz@true.cz>
Mon, 23 May 2022 19:02:38 +0000 (21:02 +0200)
The strncpy() function doesn't null terminate the destination string if
the source string is at least as long as the destination. (This behavior
is defined by the C99 specification.) As a result, the destination
string must be null terminated after calling strncpy().

And the clang11 static analyzer thus reports the following:

 genl_family.c:148:2: error: ‘strncpy’ output may be truncated copying 15 bytes from a string of length 15 [-Werror=stringop-truncation]
   148 |  strncpy(grp->name, name, GENL_NAMSIZ - 1);
       |  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

References: https://gitlab.com/openwrt/project/libnl-tiny/-/jobs/2495301251#L197
Signed-off-by: Petr Štetiar <ynezz@true.cz>
genl_family.c
include/netlink/genl/family.h

index 221acfa1a7ff9989e9634b66212034ede6aa699e..a0d83dc20ce89e404f0967c9a71c8bf408fa9932 100644 (file)
@@ -146,6 +146,7 @@ int genl_family_add_grp(struct genl_family *family, uint32_t id,
 
        grp->id = id;
        strncpy(grp->name, name, GENL_NAMSIZ - 1);
+       grp->name[GENL_NAMSIZ - 1] = '\0';
 
        nl_list_add_tail(&grp->list, &family->gf_mc_grps);
 
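Review bot: In genl_family_add_grp(), the line added after `strncpy(grp->name, name, GENL_NAMSIZ - 1);` guarantees termination, but a name longer than GENL_NAMSIZ - 1 characters is still cut short without the caller being told. Two groups whose names share their first GENL_NAMSIZ - 1 characters would end up stored under the same name. Since this function returns int, consider checking `strlen(name) >= GENL_NAMSIZ` before the copy and returning an error, or state in a comment that truncation is intended.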
index 8a1a38ba25d5a5c89a2111b1e8aafb3f5c525843..ca71181e89f322a4012f641395602721e565c852 100644 (file)
@@ -82,6 +82,7 @@ static inline char *genl_family_get_name(struct genl_family *family)
 static inline void genl_family_set_name(struct genl_family *family, const char *name)
 {
        strncpy(family->gf_name, name, GENL_NAMSIZ-1);
+       family->gf_name[GENL_NAMSIZ - 1] = '\0';
        family->ce_mask |= FAMILY_ATTR_NAME;
 }
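Review bot: In genl_family_set_name(), the copy-then-terminate pair now duplicates the one in genl_family_add_grp(), and the two lines here differ in spacing (`GENL_NAMSIZ-1` on the strncpy line, `GENL_NAMSIZ - 1` on the added line). A small shared helper that copies and terminates a GENL_NAMSIZ buffer would keep both call sites in sync and leave a single place to change if the size constant changes. Because this setter returns void, a caller cannot detect an over-long name, so the header comment should say that names are truncated to GENL_NAMSIZ - 1 characters.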