From b25a59916106e5055be516f61f183a48f459b0b3 Mon Sep 17 00:00:00 2001
From: =?utf8?q?J=C3=A9r=C3=A9mie=20Galarneau?=
Date: Tue, 15 Mar 2022 17:19:27 -0400
Subject: [PATCH] Clean-up: lttng-ctl: strnlen out of bounds access
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

gcc 11.2 produces the following warning. The lttng_strncpy helper assumes that 'src' is a null-terminated string. As such, the use of a string literal (of size 37) in this specific example is correct as strnlen will not read beyond the null terminator.

Replacing strnlen by strlen eliminates this warning. strnlen was used to short-circuit the source length check when it was larger than the destination. This optimization is unlikely to matter. Pascal-style strings should be used when string length computations are expected to be prohibitively expensive.

In file included from ../../../src/common/macros.h:15,
                 from ../../../include/lttng/health-internal.h:18,
                 from lttng-ctl-health.cpp:19:
In function 'size_t lttng_strnlen(const char*, size_t)',
    inlined from 'int lttng_strncpy(char*, const char*, size_t)' at ../../../src/common/macros.h:123:19,
    inlined from 'int set_health_socket_path(lttng_health*, int)' at lttng-ctl-health.cpp:198:22,
    inlined from 'int lttng_health_query(lttng_health*)' at lttng-ctl-health.cpp:319:30:
../../../src/common/compat/string.h:19:23: warning: 'size_t strnlen(const char*, size_t)' specified bound 4096 may exceed source size 37 [-Wstringop-overread]
   19 |         return strnlen(str, max);
      |                ~~~~~~~^~~~~~~~~~

Signed-off-by: Jérémie Galarneau
Change-Id: I290109433fcae7073321f1b48ecfbb2ec6e4ad26
---
 src/common/macros.h | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/common/macros.h b/src/common/macros.h
index 6b8eaf711..8c35f0c5f 100644
--- a/src/common/macros.h
+++ b/src/common/macros.h
@@ -115,12 +115,14 @@ void *zmalloc(size_t len) * It checks that the @src string fits into @dst_len before performing * the copy. On failure, no copy has been performed. * + * Assumes that 'src' is null-terminated. + * * dst_len includes the string's trailing NULL. */ static inline int lttng_strncpy(char *dst, const char *src, size_t dst_len) { - if (lttng_strnlen(src, dst_len) >= dst_len) { + if (strlen(src) >= dst_len) { /* Fail since copying would result in truncation. */ return -1; } -- 2.34.1
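Review bot: Replacing `lttng_strnlen(src, dst_len)` with `strlen(src)` removes the read bound along with the warning, so a caller that hands lttng_strncpy a buffer that is not null-terminated (a fixed-width field copied out of a message, for instance) now reads past the end of that buffer instead of stopping at dst_len, and the added "Assumes that 'src' is null-terminated." comment documents that contract without enforcing it. Before merging, it would be worth auditing the call sites of lttng_strncpy to confirm every src really is terminated, or keeping a bounded length check whose bound satisfies gcc's analysis; the truncation decision itself is unchanged, since both forms reject any src whose length is >= dst_len. Minor: the new comment writes 'src' in quotes while the surrounding doc block refers to @src and @dst_len, so using "@src" there would keep the comment style consistent.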