From: Mathieu Desnoyers Date: Tue, 17 May 2016 01:42:51 +0000 (-0400) Subject: Fix: illegal memory access in list_lttng_channels X-Git-Tag: v2.7.3~57 X-Git-Url: https://git.lttng.org./?a=commitdiff_plain;h=74c0a111f8f316cdcc99946ad99cf74a359a5f6e;p=lttng-tools.git Fix: illegal memory access in list_lttng_channels Found by Coverity: CID 1243018 (#1 of 1): Buffer not null terminated (BUFFER_SIZE_WARNING)11. buffer_size_warning: Calling strncpy with a maximum size argument of 256 bytes on destination array (channels + i).name of size 256 bytes might leave the destination string unterminated. Signed-off-by: Mathieu Desnoyers Signed-off-by: Jérémie Galarneau --- diff --git a/src/bin/lttng-sessiond/cmd.c b/src/bin/lttng-sessiond/cmd.c index 9cd192073..ff61166d7 100644 --- a/src/bin/lttng-sessiond/cmd.c +++ b/src/bin/lttng-sessiond/cmd.c @@ -170,7 +170,10 @@ static void list_lttng_channels(int domain, struct ltt_session *session, rcu_read_lock(); cds_lfht_for_each_entry(session->ust_session->domain_global.channels->ht, &iter.iter, uchan, node.node) { - strncpy(channels[i].name, uchan->name, LTTNG_SYMBOL_NAME_LEN); + if (lttng_strncpy(channels[i].name, uchan->name, + LTTNG_SYMBOL_NAME_LEN)) { + break; + } channels[i].attr.overwrite = uchan->attr.overwrite; channels[i].attr.subbuf_size = uchan->attr.subbuf_size; channels[i].attr.num_subbuf = uchan->attr.num_subbuf;