[asterisk-bugs] [JIRA] (SS7-64) strncpy() is used to potentially truncate a string but doesn't NULL terminate it
Sean Bright (JIRA)
noreply at issues.asterisk.org
Fri Aug 27 09:35:34 CDT 2021
[ https://issues.asterisk.org/jira/browse/SS7-64?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Sean Bright closed SS7-64.
--------------------------
Resolution: Fixed
https://github.com/asterisk/libss7/commit/03e81bcd0d28ff25d4c77c78351ddadc82ff5c3f
> strncpy() is used to potentially truncate a string but doesn't NULL terminate it
> --------------------------------------------------------------------------------
>
> Key: SS7-64
> URL: https://issues.asterisk.org/jira/browse/SS7-64
> Project: LibSS7
> Issue Type: Bug
> Security Level: None
> Components: General
> Affects Versions: 2.0.0
> Reporter: George Joseph
> Assignee: Matthew Fredrickson
>
> “Hi! I’m the maintainer of the libss7 and libpri packages in Fedora Linux. I’ve been looking at some warnings that appear when libss7 is compiled with -Wstringop-truncation (Fedora usually adds -Werror=stringop-truncation). There are several cases where strncpy() is used to potentially truncate a string, and I suspect the result is expected to be null-terminated—but as the warnings point out, strncpy() does not null-terminate when the input is too long. I was hoping for an opinion from an upstream developer. Full details are at: https://bugzilla.redhat.com/show_bug.cgi?id=1932066. Thanks!"
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list