From: Mathieu Desnoyers Date: Tue, 17 May 2016 01:42:51 +0000 (-0400) Subject: Fix: illegal memory access in list_lttng_channels X-Git-Tag: v2.6.3~47 X-Git-Url: https://git.lttng.org./?a=commitdiff_plain;h=084fe1eb76ce508f32da47dbc310f702fc19ef57;p=lttng-tools.git Fix: illegal memory access in list_lttng_channels Found by Coverity: CID 1243018 (#1 of 1): Buffer not null terminated (BUFFER_SIZE_WARNING)11. buffer_size_warning: Calling strncpy with a maximum size argument of 256 bytes on destination array (channels + i).name of size 256 bytes might leave the destination string unterminated. Signed-off-by: Mathieu Desnoyers Signed-off-by: Jérémie Galarneau --- diff --git a/src/bin/lttng-sessiond/cmd.c b/src/bin/lttng-sessiond/cmd.c index e8a8d2fc7..5e6a0d087 100644 --- a/src/bin/lttng-sessiond/cmd.c +++ b/src/bin/lttng-sessiond/cmd.c @@ -174,7 +174,10 @@ static void list_lttng_channels(int domain, struct ltt_session *session, rcu_read_lock(); cds_lfht_for_each_entry(session->ust_session->domain_global.channels->ht, &iter.iter, uchan, node.node) { - strncpy(channels[i].name, uchan->name, LTTNG_SYMBOL_NAME_LEN); + if (lttng_strncpy(channels[i].name, uchan->name, + LTTNG_SYMBOL_NAME_LEN)) { + break; + } channels[i].attr.overwrite = uchan->attr.overwrite; channels[i].attr.subbuf_size = uchan->attr.subbuf_size; channels[i].attr.num_subbuf = uchan->attr.num_subbuf;