[02/10] alfred: Force null termination of string after strncpy
Commit Message
strncpy doesn't terminate the string with a '\0' character when the length
of the destination memory location was shorter than the source string.
Accessing it again with string related functions isn't safe after such a
semi-failed copy and the caller has to handle it. The easiest way is to
always set the last character in the destination buffer to '\0' after the
strncpy was called.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
---
debugfs.c | 1 +
netsock.c | 1 +
server.c | 1 +
vis/vis.c | 1 +
4 files changed, 4 insertions(+)
@@ -154,6 +154,7 @@ char *debugfs_mount(const char *mountpoint)
/* save the mountpoint */
strncpy(debugfs_mountpoint, mountpoint, sizeof(debugfs_mountpoint));
+ debugfs_mountpoint[sizeof(debugfs_mountpoint) - 1] = '\0';
debugfs_found = 1;
return debugfs_mountpoint;
@@ -59,6 +59,7 @@ int netsock_open(struct globals *globals)
memset(&ifr, 0, sizeof(ifr));
strncpy(ifr.ifr_name, globals->interface, IFNAMSIZ);
+ ifr.ifr_name[IFNAMSIZ - 1] = '\0';
if (ioctl(sock, SIOCGIFINDEX, &ifr) == -1) {
fprintf(stderr, "can't get interface: %s\n", strerror(errno));
goto err;
@@ -242,6 +242,7 @@ static void check_if_socket(struct globals *globals)
memset(&ifr, 0, sizeof(ifr));
strncpy(ifr.ifr_name, globals->interface, IFNAMSIZ);
+ ifr.ifr_name[IFNAMSIZ - 1] = '\0';
if (ioctl(sock, SIOCGIFINDEX, &ifr) == -1) {
fprintf(stderr, "can't get interface: %s, closing netsock\n",
strerror(errno));
@@ -102,6 +102,7 @@ static int get_if_mac(char *ifname, uint8_t *mac)
int sock, ret;
strncpy(ifr.ifr_name, ifname, IFNAMSIZ);
+ ifr.ifr_name[IFNAMSIZ - 1] = '\0';
if ((sock = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
fprintf(stderr, "can't get interface: %s\n", strerror(errno));