From: Takashi Sakamoto Date: Sat, 28 Aug 2021 02:51:36 +0000 (+0900) Subject: seq: use safer way to copy strings X-Git-Tag: v0.2.1~1 X-Git-Url: https://git.alsa-project.org/?a=commitdiff_plain;h=c0905f95795a1d86261f95c086cd1c84945e64b7;p=alsa-gobject.git seq: use safer way to copy strings The call of strncpy can results in destination buffer without null as terminator in the case of truncation. Compiler reports the risk as warnings, like: In function ‘strncpy’, inlined from ‘alsaseq_get_queue_info_by_name’ at ../src/seq/query.c:670:5: /usr/include/x86_64-linux-gnu/bits/string_fortified.h:95:10: warning: ‘strncpy’ specified bound 64 equals destination size [-Wstringop-truncation] 95 | return __builtin___strncpy_chk (__dest, __src, __len, | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 96 | __glibc_objsize (__dest)); | ~~~~~~~~~~~~~~~~~~~~~~~~~ This commit uses safer way to copy strings, g_strlcpy(), to fix the bug. Fixes: 4e8675f631ce ("seq: client_info: add properties and accessor methods") Fixes: f3457eaf706b ("seq: port_info: add properties") Fixes: 1eabdf6bc647 ("seq: add global method to get the information of queue") Fixes: f26342b3ab3d ("seq: queue_info: add properties and constructors") Signed-off-by: Takashi Sakamoto --- diff --git a/src/seq/client-info.c b/src/seq/client-info.c index 09ef937..5e430c8 100644 --- a/src/seq/client-info.c +++ b/src/seq/client-info.c @@ -51,7 +51,7 @@ static void seq_client_info_set_property(GObject *obj, guint id, priv->info.type = (snd_seq_client_type_t)g_value_get_enum(val); break; case SEQ_CLIENT_INFO_PROP_NAME: - strncpy(priv->info.name, g_value_get_string(val), sizeof(priv->info.name)); + g_strlcpy(priv->info.name, g_value_get_string(val), sizeof(priv->info.name)); break; case SEQ_CLIENT_INFO_PROP_FILTER_ATTR_FLAGS: priv->info.filter &= SNDRV_SEQ_FILTER_USE_EVENT; diff --git a/src/seq/port-info.c b/src/seq/port-info.c index 601ce10..9092a3d 100644 --- a/src/seq/port-info.c +++ b/src/seq/port-info.c @@ -50,7 +50,7 @@ static void seq_port_info_set_property(GObject *obj, guint id, break; } case SEQ_PORT_INFO_PROP_NAME: - strncpy(priv->info.name, g_value_get_string(val), sizeof(priv->info.name)); + g_strlcpy(priv->info.name, g_value_get_string(val), sizeof(priv->info.name)); break; case SEQ_PORT_INFO_PROP_CAPS: priv->info.capability = (unsigned int)g_value_get_flags(val); diff --git a/src/seq/query.c b/src/seq/query.c index 28d2121..682002c 100644 --- a/src/seq/query.c +++ b/src/seq/query.c @@ -667,7 +667,7 @@ void alsaseq_get_queue_info_by_name(const gchar *name, *queue_info = g_object_new(ALSASEQ_TYPE_QUEUE_INFO, NULL); seq_queue_info_refer_private(*queue_info, &info); - strncpy(info->name, name, sizeof(info->name)); + g_strlcpy(info->name, name, sizeof(info->name)); if (ioctl(fd, SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE, info) < 0) { generate_file_error(error, errno, "ioctl(GET_NAMED_QUEUE)"); g_object_unref(*queue_info); diff --git a/src/seq/queue-info.c b/src/seq/queue-info.c index 42f3a50..355757b 100644 --- a/src/seq/queue-info.c +++ b/src/seq/queue-info.c @@ -47,7 +47,7 @@ static void seq_queue_info_set_property(GObject *obj, guint id, priv->info.locked = g_value_get_boolean(val); break; case SEQ_QUEUE_INFO_PROP_NAME: - strncpy(priv->info.name, g_value_get_string(val), sizeof(priv->info.name)); + g_strlcpy(priv->info.name, g_value_get_string(val), sizeof(priv->info.name)); break; default: G_OBJECT_WARN_INVALID_PROPERTY_ID(obj, id, spec);