Re: [Xen-devel] [PATCH] tools: libxl: NULL terminate partially constructed hex string
Wei Liu writes ("Re: [PATCH] tools: libxl: NULL terminate partially constructed
hex string"):
> On Tue, Feb 16, 2016 at 11:18:20AM +, Ian Campbell wrote:
> > Coverity (correctly) complains that the strncpy(p, "0x", 2) will not
> > null terminate p.
> > Signed-off-by: Ian Campbell
>
> Acked-by: Wei Liu
Committed-by: Ian Jackson
___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
Re: [Xen-devel] [PATCH] tools: libxl: NULL terminate partially constructed hex string
On Tue, Feb 16, 2016 at 11:18:20AM +, Ian Campbell wrote:
> Coverity (correctly) complains that the strncpy(p, "0x", 2) will not
> null terminate p.
>
> Although we can see that in the rest of the function p will
> definitely be NULL terminated by the time it is complete there is no
> harm in passing 3 to the strncpy and allowing it to NULL terminate to
> placate Coverity. We know this is safe because the allocation to hold
> the string includes a "+3" for the 0x and the terminating NULL.
>
> Compile tested only.
>
> CID: 1198708
>
> Signed-off-by: Ian Campbell
Acked-by: Wei Liu
> ---
> I flip-flopped on just telling Coverity this was a false +ve, but
> mainly landed on this course of action because the issue was marked as
> "fix required" by Ian J in the coverity interface (it was also marked
> "insignificant" FWIW).
> ---
> tools/libxl/libxl_utils.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/tools/libxl/libxl_utils.c b/tools/libxl/libxl_utils.c
> index e42422a..672d3f8 100644
> --- a/tools/libxl/libxl_utils.c
> +++ b/tools/libxl/libxl_utils.c
> @@ -780,7 +780,7 @@ char *libxl_bitmap_to_hex_string(libxl_ctx *ctx, const
> libxl_bitmap *bitmap)
> int i = bitmap->size;
> char *p = libxl__zalloc(NOGC, bitmap->size * 2 + 3);
> char *q = p;
> -strncpy(p, "0x", 2);
> +strncpy(p, "0x", 3);
> p += 2;
> while(--i >= 0) {
> sprintf(p, "%02x", bitmap->map[i]);
> --
> 2.1.4
>
___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
[Xen-devel] [PATCH] tools: libxl: NULL terminate partially constructed hex string
Coverity (correctly) complains that the strncpy(p, "0x", 2) will not
null terminate p.
Although we can see that in the rest of the function p will
definitely be NULL terminated by the time it is complete there is no
harm in passing 3 to the strncpy and allowing it to NULL terminate to
placate Coverity. We know this is safe because the allocation to hold
the string includes a "+3" for the 0x and the terminating NULL.
Compile tested only.
CID: 1198708
Signed-off-by: Ian Campbell
---
I flip-flopped on just telling Coverity this was a false +ve, but
mainly landed on this course of action because the issue was marked as
"fix required" by Ian J in the coverity interface (it was also marked
"insignificant" FWIW).
---
tools/libxl/libxl_utils.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/libxl/libxl_utils.c b/tools/libxl/libxl_utils.c
index e42422a..672d3f8 100644
--- a/tools/libxl/libxl_utils.c
+++ b/tools/libxl/libxl_utils.c
@@ -780,7 +780,7 @@ char *libxl_bitmap_to_hex_string(libxl_ctx *ctx, const
libxl_bitmap *bitmap)
int i = bitmap->size;
char *p = libxl__zalloc(NOGC, bitmap->size * 2 + 3);
char *q = p;
-strncpy(p, "0x", 2);
+strncpy(p, "0x", 3);
p += 2;
while(--i >= 0) {
sprintf(p, "%02x", bitmap->map[i]);
--
2.1.4
___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
