From c0905f95795a1d86261f95c086cd1c84945e64b7 Mon Sep 17 00:00:00 2001 From: Takashi Sakamoto Date: Sat, 28 Aug 2021 11:51:36 +0900 Subject: [PATCH] seq: use safer way to copy strings MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit The call of strncpy can results in destination buffer without null as terminator in the case of truncation. Compiler reports the risk as warnings, like: In function ‘strncpy’, inlined from ‘alsaseq_get_queue_info_by_name’ at ../src/seq/query.c:670:5: /usr/include/x86_64-linux-gnu/bits/string_fortified.h:95:10: warning: ‘strncpy’ specified bound 64 equals destination size [-Wstringop-truncation] 95 | return __builtin___strncpy_chk (__dest, __src, __len, | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 96 | __glibc_objsize (__dest)); | ~~~~~~~~~~~~~~~~~~~~~~~~~ This commit uses safer way to copy strings, g_strlcpy(), to fix the bug. Fixes: 4e8675f631ce ("seq: client_info: add properties and accessor methods") Fixes: f3457eaf706b ("seq: port_info: add properties") Fixes: 1eabdf6bc647 ("seq: add global method to get the information of queue") Fixes: f26342b3ab3d ("seq: queue_info: add properties and constructors") Signed-off-by: Takashi Sakamoto --- src/seq/client-info.c | 2 +- src/seq/port-info.c | 2 +- src/seq/query.c | 2 +- src/seq/queue-info.c | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/seq/client-info.c b/src/seq/client-info.c index 09ef937..5e430c8 100644 --- a/src/seq/client-info.c +++ b/src/seq/client-info.c @@ -51,7 +51,7 @@ static void seq_client_info_set_property(GObject *obj, guint id, priv->info.type = (snd_seq_client_type_t)g_value_get_enum(val); break; case SEQ_CLIENT_INFO_PROP_NAME: - strncpy(priv->info.name, g_value_get_string(val), sizeof(priv->info.name)); + g_strlcpy(priv->info.name, g_value_get_string(val), sizeof(priv->info.name)); break; case SEQ_CLIENT_INFO_PROP_FILTER_ATTR_FLAGS: priv->info.filter &= SNDRV_SEQ_FILTER_USE_EVENT; diff --git a/src/seq/port-info.c b/src/seq/port-info.c index 601ce10..9092a3d 100644 --- a/src/seq/port-info.c +++ b/src/seq/port-info.c @@ -50,7 +50,7 @@ static void seq_port_info_set_property(GObject *obj, guint id, break; } case SEQ_PORT_INFO_PROP_NAME: - strncpy(priv->info.name, g_value_get_string(val), sizeof(priv->info.name)); + g_strlcpy(priv->info.name, g_value_get_string(val), sizeof(priv->info.name)); break; case SEQ_PORT_INFO_PROP_CAPS: priv->info.capability = (unsigned int)g_value_get_flags(val); diff --git a/src/seq/query.c b/src/seq/query.c index 28d2121..682002c 100644 --- a/src/seq/query.c +++ b/src/seq/query.c @@ -667,7 +667,7 @@ void alsaseq_get_queue_info_by_name(const gchar *name, *queue_info = g_object_new(ALSASEQ_TYPE_QUEUE_INFO, NULL); seq_queue_info_refer_private(*queue_info, &info); - strncpy(info->name, name, sizeof(info->name)); + g_strlcpy(info->name, name, sizeof(info->name)); if (ioctl(fd, SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE, info) < 0) { generate_file_error(error, errno, "ioctl(GET_NAMED_QUEUE)"); g_object_unref(*queue_info); diff --git a/src/seq/queue-info.c b/src/seq/queue-info.c index 42f3a50..355757b 100644 --- a/src/seq/queue-info.c +++ b/src/seq/queue-info.c @@ -47,7 +47,7 @@ static void seq_queue_info_set_property(GObject *obj, guint id, priv->info.locked = g_value_get_boolean(val); break; case SEQ_QUEUE_INFO_PROP_NAME: - strncpy(priv->info.name, g_value_get_string(val), sizeof(priv->info.name)); + g_strlcpy(priv->info.name, g_value_get_string(val), sizeof(priv->info.name)); break; default: G_OBJECT_WARN_INVALID_PROPERTY_ID(obj, id, spec); -- 2.47.3