Re: [Xen-devel] [PATCH] tools: libxl: NULL terminate partially constructed hex string
Wei Liu writes ("Re: [PATCH] tools: libxl: NULL terminate partially constructed hex string"): > On Tue, Feb 16, 2016 at 11:18:20AM +, Ian Campbell wrote: > > Coverity (correctly) complains that the strncpy(p, "0x", 2) will not > > null terminate p. > > Signed-off-by: Ian Campbell > > Acked-by: Wei Liu Committed-by: Ian Jackson ___ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel
Re: [Xen-devel] [PATCH] tools: libxl: NULL terminate partially constructed hex string
On Tue, Feb 16, 2016 at 11:18:20AM +, Ian Campbell wrote: > Coverity (correctly) complains that the strncpy(p, "0x", 2) will not > null terminate p. > > Although we can see that in the rest of the function p will > definitely be NULL terminated by the time it is complete there is no > harm in passing 3 to the strncpy and allowing it to NULL terminate to > placate Coverity. We know this is safe because the allocation to hold > the string includes a "+3" for the 0x and the terminating NULL. > > Compile tested only. > > CID: 1198708 > > Signed-off-by: Ian Campbell Acked-by: Wei Liu > --- > I flip-flopped on just telling Coverity this was a false +ve, but > mainly landed on this course of action because the issue was marked as > "fix required" by Ian J in the coverity interface (it was also marked > "insignificant" FWIW). > --- > tools/libxl/libxl_utils.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/tools/libxl/libxl_utils.c b/tools/libxl/libxl_utils.c > index e42422a..672d3f8 100644 > --- a/tools/libxl/libxl_utils.c > +++ b/tools/libxl/libxl_utils.c > @@ -780,7 +780,7 @@ char *libxl_bitmap_to_hex_string(libxl_ctx *ctx, const > libxl_bitmap *bitmap) > int i = bitmap->size; > char *p = libxl__zalloc(NOGC, bitmap->size * 2 + 3); > char *q = p; > -strncpy(p, "0x", 2); > +strncpy(p, "0x", 3); > p += 2; > while(--i >= 0) { > sprintf(p, "%02x", bitmap->map[i]); > -- > 2.1.4 > ___ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel
[Xen-devel] [PATCH] tools: libxl: NULL terminate partially constructed hex string
Coverity (correctly) complains that the strncpy(p, "0x", 2) will not null terminate p. Although we can see that in the rest of the function p will definitely be NULL terminated by the time it is complete there is no harm in passing 3 to the strncpy and allowing it to NULL terminate to placate Coverity. We know this is safe because the allocation to hold the string includes a "+3" for the 0x and the terminating NULL. Compile tested only. CID: 1198708 Signed-off-by: Ian Campbell --- I flip-flopped on just telling Coverity this was a false +ve, but mainly landed on this course of action because the issue was marked as "fix required" by Ian J in the coverity interface (it was also marked "insignificant" FWIW). --- tools/libxl/libxl_utils.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/libxl/libxl_utils.c b/tools/libxl/libxl_utils.c index e42422a..672d3f8 100644 --- a/tools/libxl/libxl_utils.c +++ b/tools/libxl/libxl_utils.c @@ -780,7 +780,7 @@ char *libxl_bitmap_to_hex_string(libxl_ctx *ctx, const libxl_bitmap *bitmap) int i = bitmap->size; char *p = libxl__zalloc(NOGC, bitmap->size * 2 + 3); char *q = p; -strncpy(p, "0x", 2); +strncpy(p, "0x", 3); p += 2; while(--i >= 0) { sprintf(p, "%02x", bitmap->map[i]); -- 2.1.4 ___ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel