These were found by Coverity, and technically they are correct.
Thus explicit null termination is added or strncpy is used.
void *user_data)
{
struct inotify_event *is;
- int bufsize = sizeof(struct inotify_event) + PATH_MAX;
+ int bufsize = sizeof(struct inotify_event) + PATH_MAX + 1;
char buf[bufsize];
i_watch_t *w;
FILE *f;
int read_bytes;
int processed_bytes = 0;
- read_bytes = read(fd, buf, bufsize);
+ read_bytes = read(fd, buf, bufsize - 1);
if (read_bytes < 0) {
mrp_log_error("Failed to read event from inotify: %s",
return;
}
+ buf[read_bytes] = '\0';
+
while (processed_bytes < read_bytes) {
char *filename = NULL;
DBusConnection *conn;
int i, nmethod, nsignal;
size_t size;
+ ssize_t amount_read;
nmethod = cfg.ndbus_method;
nsignal = cfg.ndbus_signal;
if (i != dbus_test.pipe[0])
close(i);
- size = sizeof(dbus_test.address);
- if (read(dbus_test.pipe[0], dbus_test.address, size) > 0) {
+ size = sizeof(dbus_test.address) - 1;
+ amount_read = read(dbus_test.pipe[0], dbus_test.address, size);
+ if (amount_read > 0) {
+ dbus_test.address[amount_read] = '\0';
info("DBUS test: got address '%s'", dbus_test.address);
}
int keylen = strlen(attrs->name);
- available -= keylen + 2;
+ /* we need space for 2 + null */
+ available -= keylen + 3;
if (available < 0)
goto outofspace;
strncpy(p, attrs->name, keylen);
p += keylen;
- strncpy(p, ": ", 2);
+ /*
+ * we copy ": \0" and then proceed to only
+ * move the pointer by two, thus we can
+ * add one to the amount of available
+ * space.
+ */
+ strncpy(p, ": ", 3);
p += 2;
+ available += 1;
switch (attrs->type) {
case mqi_string: