From 39e3c47a70c252835593bf39d6f206cfb38aec80 Mon Sep 17 00:00:00 2001 From: Mathieu Desnoyers Date: Mon, 16 May 2016 21:42:53 -0400 Subject: [PATCH] Fix: illegal memory access in syscall_init_table MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Found by Coverity: CID 1243021 (#1 of 1): Buffer not null terminated (BUFFER_SIZE_WARNING)25. buffer_size_warning: Calling strncpy with a maximum size argument of 255 bytes on destination array (syscall_table + index).name of size 255 bytes might leave the destination string unterminated. Signed-off-by: Mathieu Desnoyers Signed-off-by: Jérémie Galarneau --- src/bin/lttng-sessiond/syscall.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/src/bin/lttng-sessiond/syscall.c b/src/bin/lttng-sessiond/syscall.c index 7ae6682bb..a994da52b 100644 --- a/src/bin/lttng-sessiond/syscall.c +++ b/src/bin/lttng-sessiond/syscall.c @@ -108,8 +108,13 @@ int syscall_init_table(void) } syscall_table[index].index = index; syscall_table[index].bitness = bitness; - strncpy(syscall_table[index].name, name, - sizeof(syscall_table[index].name)); + if (lttng_strncpy(syscall_table[index].name, name, + sizeof(syscall_table[index].name))) { + ret = -EINVAL; + free(syscall_table); + syscall_table = NULL; + goto error; + } /* DBG("Syscall name '%s' at index %" PRIu32 " of bitness %u", syscall_table[index].name, -- 2.34.1