On Wed, Jan 03, 2018 at 09:40:04AM +0000, Hugues FRUCHET wrote:
> Hi Andi,
> Thanks for the patch but I would suggest using strlcpy instead, this
> will guard msg.name overwriting and add the NULL termination in case
> of truncation:
> -     memcpy(msg.name, name, sizeof(msg.name));
> -     msg.name[sizeof(msg.name) - 1] = 0;
> +     strlcpy(msg.name, name, sizeof(msg.name));
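
Review bot: the added strlcpy line writes only up to the terminator, so every byte of msg.name past the end of a short name keeps its previous contents; the hunk does not show msg being zeroed, so either clear it first (for example memset(&msg, 0, sizeof(msg))) or use a copy that pads the remainder. The removed memcpy line has its own problem: it always reads sizeof(msg.name) bytes from name, which reads past the end of the source when name is shorter than the field. A bounded, padding copy such as strncpy(msg.name, name, sizeof(msg.name)) followed by the explicit terminator avoids both.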

I'm not an expert on your setup, but it seems strlcpy would leak some
uninitialized stack data over your ipc mechanism. strlcpy doesn't pad the
data. If the IPC is a security boundary that would be a security bug.

So I think the original patch is better than strlcpy.

-Andi
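
The padding concern raised in this reply, as an added example that is not part of the original thread or the driver's code. It assumes a hypothetical 32-byte `struct ipc_msg`, a local `demo_strlcpy` stand-in with strlcpy semantics, and a constructed 0xAA fill that models stale stack contents.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical message layout; the real struct is not shown in the thread. */
struct ipc_msg { char name[32]; };

/* Local stand-in with strlcpy semantics: copy, terminate, no padding.
 * size must be > 0. */
static size_t demo_strlcpy(char *dst, const char *src, size_t size)
{
    size_t len = strlen(src);
    size_t n = len < size - 1 ? len : size - 1;
    memcpy(dst, src, n);
    dst[n] = '\0';
    return len;
}

/* Count bytes after the terminator that are not zero, i.e. bytes that
 * would cross the IPC boundary carrying whatever was there before. */
static size_t stale_bytes(const struct ipc_msg *m)
{
    size_t n = 0;
    for (size_t i = strlen(m->name) + 1; i < sizeof(m->name); i++)
        n += (m->name[i] != '\0');
    return n;
}

/* Fill a stack message with a marker, copy name into it with or without
 * padding, and report how many marker bytes survive in the field. */
size_t residue_after_copy(const char *name, int pad)
{
    struct ipc_msg msg;
    memset(&msg, 0xAA, sizeof(msg));   /* constructed stale-stack pattern */
    if (pad) {
        strncpy(msg.name, name, sizeof(msg.name));  /* zero-fills the rest */
        msg.name[sizeof(msg.name) - 1] = '\0';
    } else {
        demo_strlcpy(msg.name, name, sizeof(msg.name));
    }
    return stale_bytes(&msg);
}

int main(void)
{
    printf("unpadded copy: %zu stale bytes\n", residue_after_copy("dec0", 0));
    printf("padded copy:   %zu stale bytes\n", residue_after_copy("dec0", 1));
    return 0;
}
```

Zeroing the whole message before filling it removes the residue for either copy routine and also covers struct padding and any other fields.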
