From 542380a13f178d97851751b57054a6b5be555d1c Mon Sep 17 00:00:00 2001
|
From: Jens Rehsack <sno@netbsd.org>
|
Date: Thu, 13 Aug 2020 16:16:44 +0200
|
Subject: [PATCH 2/2] test/test_x509.c: fix potential overflow issue
|
|
Instead of doing a memcpy() which does static overflow checking, use
|
snprintf() for string copying which does the check dynamically.
|
|
Fixes:
|
| In file included from .../recipe-sysroot/usr/include/string.h:519,
|
| from test/test_x509.c:27:
|
| In function 'memcpy',
|
| inlined from 'parse_keyvalue' at test/test_x509.c:845:2,
|
| inlined from 'process_conf_file' at test/test_x509.c:1360:7,
|
| inlined from 'main' at test/test_x509.c:2038:2:
|
| .../recipe-sysroot/usr/include/bits/string_fortified.h:34:10: warning: '__builtin_memcpy' specified bound 4294967295 exceeds maximum object size 2147483647 [-Wstringop-overflow=]
|
| 34 | return __builtin___memcpy_chk (__dest, __src, __len, __bos0 (__dest));
|
| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
Signed-off-by: Jens Rehsack <sno@netbsd.org>
|
---
|
test/test_x509.c | 3 +--
|
1 file changed, 1 insertion(+), 2 deletions(-)
|
|
diff --git a/test/test_x509.c b/test/test_x509.c
|
index 2c61cf5..76f6ab9 100644
|
--- a/test/test_x509.c
|
+++ b/test/test_x509.c
|
@@ -842,8 +842,7 @@ parse_keyvalue(HT *d)
|
return -1;
|
}
|
name = xmalloc(u + 1);
|
- memcpy(name, buf, u);
|
- name[u] = 0;
|
+ snprintf(name, u, "%s", buf);
|
if (HT_get(d, name) != NULL) {
|
xfree(name);
|
return -1;
|
--
|
2.17.1
|
