[asterisk-bugs] [Zaptel 0011471]: [patch] unsafe use of strncpy
noreply at bugs.digium.com
Fri Dec 7 02:07:06 CST 2007
A NOTE has been added to this issue.
======================================================================
http://bugs.digium.com/view.php?id=11471
======================================================================
Reported By: flefoll
Assigned To:
======================================================================
Project: Zaptel
Issue ID: 11471
Category: General
Reproducibility: always
Severity: minor
Priority: normal
Status: new
Zaptel Version: SVN
SVN Branch (only for SVN checkouts, not tarball releases): 1.4
SVN Revision (number only!): 3317
Disclaimer on File?: N/A
Request Review:
======================================================================
Date Submitted: 12-05-2007 03:15 CST
Last Modified: 12-07-2007 02:07 CST
======================================================================
Summary: [patch] unsafe use of strncpy
Description:
strncpy(dst, src, len) makes a copy of src towards dst, limited to len
characters, but does NOT guarantee a final null character. So if you want
to obtain a "traditional" null-terminated string, extra work is required.
Zaptel uses strncpy in many places, but most often does not do this extra
work, while the destination's initial contents are undetermined (stack, ...).
I suggest using snprintf() instead of strncpy(), since snprintf does
guarantee a final null character. Constraint: snprintf requires including
stdio.h, while strncpy requires including strings.h.
See additional information for the list of files that use strncpy.
I will upload patches for a number of them (not all at the moment).
The same work should be done on SVN Trunk, but it did not compile
yesterday for me (Fedora 7)
======================================================================
----------------------------------------------------------------------
flefoll - 12-07-07 02:07
----------------------------------------------------------------------
My first idea was indeed to define a static inline function: I considered
adding a static inline zap_strncpy() in zaptel.h, but 3 things made me
prefer using snprintf (or combining strncpy() and dst[n-1]=0 in header
files):
- includes problems
  . size_t is unknown when compiling zonedata.c
    (can be fixed by either changing includes or using "unsigned int"
    instead)
  . not all C files include zaptel.h
    (can also be fixed by changing includes, of course)
- snprintf() replaces strncpy() PLUS strncat() in zaptel-base.c, and
  strncat() use was buggy as well :-)
- snprintf() is already used in zaptel
However, I understand that zap_strncpy() or zap_copy_string() or whatever
may be preferred. Whatever solution will guarantee null-terminated strings
and avoid buffer overflows will be good.
Issue History
Date Modified Username Field Change
======================================================================
12-07-07 02:07 flefoll Note Added: 0075009
======================================================================
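
The behaviour discussed in this report, as an added example that is not part of the original message or of Zaptel's code: strncpy() leaving a full buffer unterminated, next to the snprintf() forms that always terminate and report truncation. The buffer size, the sample strings and the function names are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define NAME_LEN 8  /* constructed size, not a Zaptel constant */

/* 1 if buf holds a NUL within its first n bytes, else 0. */
static int is_terminated(const char *buf, size_t n)
{
    return memchr(buf, '\0', n) != NULL;
}

/* strncpy() alone. dst is pre-filled with 'X' to stand in for
 * undetermined stack contents. Returns is_terminated(). */
static int copy_strncpy(char *dst, size_t n, const char *src)
{
    memset(dst, 'X', n);
    strncpy(dst, src, n);
    return is_terminated(dst, n);
}

/* snprintf() always terminates when n > 0. Returns 1 if src was
 * truncated, 0 if it fit, -1 on an output error. */
static int copy_snprintf(char *dst, size_t n, const char *src)
{
    int want;
    memset(dst, 'X', n);
    want = snprintf(dst, n, "%s", src);
    if (want < 0) return -1;
    return (size_t)want >= n;
}

/* One bounded call in place of strncpy() followed by strncat(). */
static int join_snprintf(char *dst, size_t n, const char *a, const char *b)
{
    int want = snprintf(dst, n, "%s%s", a, b);
    if (want < 0) return -1;
    return (size_t)want >= n;
}

int main(void)
{
    char buf[NAME_LEN];
    int r = copy_strncpy(buf, sizeof(buf), "12345678");
    printf("strncpy, 8-char source: terminated=%d\n", r);
    r = copy_snprintf(buf, sizeof(buf), "123456789");
    printf("snprintf, 9-char source: truncated=%d buf=\"%s\"\n", r, buf);
    r = join_snprintf(buf, sizeof(buf), "span", "/12345");
    printf("snprintf join: truncated=%d buf=\"%s\"\n", r, buf);
    return 0;
}
```

Checking the snprintf() return value is what distinguishes a silently shortened name from a complete one; strncpy() gives no such signal.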