[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PULL 01/17] syscall: replace strcpy() by g_strlcpy()
From: |
Laurent Vivier |
Subject: |
[Qemu-devel] [PULL 01/17] syscall: replace strcpy() by g_strlcpy() |
Date: |
Mon, 4 Jun 2018 17:19:59 +0200 |
From: Philippe Mathieu-Daudé <address@hidden>
linux-user/syscall.c:9860:17: warning: Call to function 'strcpy' is insecure as
it does not provide bounding of the memory buffer. Replace unbounded copy
functions with analogous functions that support length arguments such as
'strlcpy'. CWE-119
strcpy (buf->machine, cpu_to_uname_machine(cpu_env));
^~~~~~
Reported-by: Clang Static Analyzer
Signed-off-by: Philippe Mathieu-Daudé <address@hidden>
Reviewed-by: Laurent Vivier <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Laurent Vivier <address@hidden>
---
linux-user/syscall.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index d02c16bbc6..7b9ac3b408 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -10156,7 +10156,8 @@ abi_long do_syscall(void *cpu_env, int num, abi_long
arg1,
if (!is_error(ret)) {
/* Overwrite the native machine name with whatever is being
emulated. */
- strcpy (buf->machine, cpu_to_uname_machine(cpu_env));
+ g_strlcpy(buf->machine, cpu_to_uname_machine(cpu_env),
+ sizeof(buf->machine));
/* Allow the user to override the reported release. */
if (qemu_uname_release && *qemu_uname_release) {
g_strlcpy(buf->release, qemu_uname_release,
--
2.14.3
- [Qemu-devel] [PULL 00/17] Linux user for 3.0 patches, Laurent Vivier, 2018/06/04
- [Qemu-devel] [PULL 09/17] linux-user: move sparc/sparc64 fcntl definitions to sparc/target_fcntl.h, Laurent Vivier, 2018/06/04
- [Qemu-devel] [PULL 07/17] linux-user: move mips/mips64 fcntl definitions to mips/target_fcntl.h, Laurent Vivier, 2018/06/04
- [Qemu-devel] [PULL 06/17] linux-user: move arm/aarch64/m68k fcntl definitions to [arm|aarch64|m68k]/target_fcntl.h, Laurent Vivier, 2018/06/04
- [Qemu-devel] [PULL 01/17] syscall: replace strcpy() by g_strlcpy(),
Laurent Vivier <=
- [Qemu-devel] [PULL 12/17] linux-user: move sparc signal definitions to sparc/target_signal.h, Laurent Vivier, 2018/06/04
- [Qemu-devel] [PULL 13/17] linux-user: move mips signal definitions to mips/target_signal.h, Laurent Vivier, 2018/06/04
- [Qemu-devel] [PULL 11/17] linux-user: move generic signal definitions to generic/signal.h, Laurent Vivier, 2018/06/04
- [Qemu-devel] [PULL 16/17] linux-user: move hppa signal definitions to hppa/target_signal.h, Laurent Vivier, 2018/06/04
- [Qemu-devel] [PULL 02/17] linux-user: SPARC "rd %tick" can be used by user application, Laurent Vivier, 2018/06/04
- [Qemu-devel] [PULL 04/17] linux-user: move alpha fcntl definitions to alpha/target_fcntl.h, Laurent Vivier, 2018/06/04
- [Qemu-devel] [PULL 14/17] linux-user: move openrisc signal definitions to openrisc/target_signal.h, Laurent Vivier, 2018/06/04
- [Qemu-devel] [PULL 05/17] linux-user: move hppa fcntl definitions to hppa/target_fcntl.h, Laurent Vivier, 2018/06/04
- [Qemu-devel] [PULL 08/17] linux-user: move ppc fcntl definitions to ppc/target_fcntl.h, Laurent Vivier, 2018/06/04
- [Qemu-devel] [PULL 17/17] linux-user: remove useless #if, Laurent Vivier, 2018/06/04