Fix: illegal memory access in syscall_init_table
authorMathieu Desnoyers <mathieu.desnoyers@efficios.com>
Tue, 17 May 2016 01:42:53 +0000 (21:42 -0400)
committerJérémie Galarneau <jeremie.galarneau@efficios.com>
Fri, 20 May 2016 20:36:35 +0000 (16:36 -0400)
Found by Coverity:
CID 1243021 (#1 of 1): Buffer not null terminated
(BUFFER_SIZE_WARNING)25. buffer_size_warning: Calling strncpy with a
maximum size argument of 255 bytes on destination array (syscall_table +
index).name of size 255 bytes might leave the destination string
unterminated.

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>
src/bin/lttng-sessiond/syscall.c

index f79fa8dd8ebf9b4104f2be3f647c658381edd7d9..d5db529324fc238419e78e8f66d5693eb418fee1 100644 (file)
@@ -108,8 +108,13 @@ int syscall_init_table(void)
                }
                syscall_table[index].index = index;
                syscall_table[index].bitness = bitness;
-               strncpy(syscall_table[index].name, name,
-                               sizeof(syscall_table[index].name));
+               if (lttng_strncpy(syscall_table[index].name, name,
+                               sizeof(syscall_table[index].name))) {
+                       ret = -EINVAL;
+                       free(syscall_table);
+                       syscall_table = NULL;
+                       goto error;
+               }
                /*
                DBG("Syscall name '%s' at index %" PRIu32 " of bitness %u",
                                syscall_table[index].name,
This page took 0.02777 seconds and 4 git commands to generate.