author | Thomas Haller <thaller@redhat.com> | 2019-05-16 09:58:28 +0200 |
---|---|---|
committer | Thomas Haller <thaller@redhat.com> | 2019-05-16 10:17:33 +0200 |
commit | 98f41226737fb305d48ed431199307b1383f3a49 (patch) | |
tree | 86321a8961369f7b20e032a4e2d747673726723d | |
parent | e9c76f375b62bec8d65dc6bf0e7594e68a212418 (diff) | |
download | NetworkManager-98f41226737fb305d48ed431199307b1383f3a49.tar.gz |
core: ensure NUL padding interface name in nm_utils_ifname_cpy()

Always ensure that the entire buffer is initialized with padding NULs.
For example, valgrind checks whether we access uninitialized memory,
so leaving this uninitialized can be unexpected and cause valgrind
failures. In general, one might be tempted to copy the ifname buffer (of
well known size IFNAMSIZ) with memcpy(). In that case, we should not
have trailing garbage there.

We could use strncpy() for that (which guarantees NUL padding), but
then we still would have to ensure NUL termination. But strncpy() is
frowned upon, so let's not use it here.

Note that g_strlcpy() does not guarantee NUL padding, so it's
unsuitable.

We could also implement this with a combination of memcpy() and
memset(). But in this case, it just seems simpler to iterate over the
16 bytes and do it manually.

-rw-r--r-- | src/nm-core-utils.c | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/src/nm-core-utils.c b/src/nm-core-utils.c index 9330c9ed8f..ee2496a5c3 100644 --- a/src/nm-core-utils.c +++ b/src/nm-core-utils.c @@ -3815,13 +3815,22 @@ nm_utils_parse_debug_string (const char *string, void nm_utils_ifname_cpy (char *dst, const char *name) { + int i; + g_return_if_fail (dst); g_return_if_fail (name && name[0]); nm_assert (nm_utils_is_valid_iface_name (name, NULL)); - if (g_strlcpy (dst, name, IFNAMSIZ) >= IFNAMSIZ) - g_return_if_reached (); + /* ensures NUL padding of the entire IFNAMSIZ buffer. */ + + for (i = 0; i < (int) IFNAMSIZ && name[i] != '\0'; i++) + dst[i] = name[i]; + + nm_assert (name[i] == '\0'); + + for (; i < (int) IFNAMSIZ; i++) + dst[i] = '\0'; } /*****************************************************************************/ |
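
Review bot: In the new copy loop of nm_utils_ifname_cpy(), a name of exactly IFNAMSIZ characters fills all IFNAMSIZ bytes of dst and still passes `nm_assert (name[i] == '\0')`, because i equals IFNAMSIZ at that point and name[IFNAMSIZ] is the terminator, so dst ends up NUL padded but not NUL terminated. The removed `g_strlcpy()` call always terminated dst and reported an over-long name through `g_return_if_reached ()`; the replacement leaves that case to the two nm_assert() calls only. Suggest bounding the first loop at `IFNAMSIZ - 1` so the padding loop always writes at least one NUL, and reporting `name[i] != '\0'` after the padding loop with `g_return_if_reached ()` so the old truncation check is preserved. A short comment on the function stating that dst must be at least IFNAMSIZ bytes would also make the contract explicit for callers.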