From: Karol Lewandowski Date: Fri, 3 Jan 2020 11:02:33 +0000 (+0100) Subject: Fix: Do not use source argument length in strncpy() X-Git-Tag: submit/tizen/20200107.112721^0 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=176ee4322e7a5292ce3068bf05a0abb0976c155e;p=platform%2Fcore%2Fapi%2Fsystem-info.git Fix: Do not use source argument length in strncpy() This fixes issue found by gcc 9.x, where strncpy's length argument was based on source argument length. This commit fixes possible bufer overflow. Change-Id: I933e999d4919e1dbce2834138a612c9f97f916a4 --- diff --git a/src/test/system_info_test.c b/src/test/system_info_test.c index a8178a5..0f308d3 100755 --- a/src/test/system_info_test.c +++ b/src/test/system_info_test.c @@ -16,7 +16,7 @@ #define DEFAULT_OPT 0 -#define CONVERT_ARGUMENT(input_str, output_num, table) \ +#define CONVERT_ARGUMENT(input_str, input_str_len, output_num, table) \ { \ int __idx; \ bool __is_converted = false; \ @@ -30,7 +30,8 @@ if (!__is_converted) { \ if (input_str[0] == '\0') { \ output_num = table[DEFAULT_OPT].num; \ - strncpy(input_str, table[DEFAULT_OPT].str, strlen(table[DEFAULT_OPT].str) + 1); \ + strncpy(input_str, table[DEFAULT_OPT].str, input_str_len - 1); \ + input_str[input_str_len - 1] = '\0'; \ } else { \ printf("Invalid argument %s\n\n", input_str); \ show_help(); \ @@ -160,9 +161,9 @@ int main(int argc, char *argv[]) } /* Convert string arguments into the enum value */ - CONVERT_ARGUMENT(tag_str, tag_num, tag_table); - CONVERT_ARGUMENT(type_str, type_num, type_table); - CONVERT_ARGUMENT(runtime_str, runtime_num, runtime_table); + CONVERT_ARGUMENT(tag_str, sizeof(tag_str), tag_num, tag_table); + CONVERT_ARGUMENT(type_str, sizeof(type_str), type_num, type_table); + CONVERT_ARGUMENT(runtime_str, sizeof(runtime_str), runtime_num, runtime_table); /* Set the runtime environment value */ switch (runtime_num) {