From bfc6eff048df5515de3aedb7e2eb52d41ba64d22 Mon Sep 17 00:00:00 2001 From: Mathieu Desnoyers Date: Mon, 16 May 2016 21:42:48 -0400 Subject: [PATCH] Fix: illegal memory access in consumer_set_network_uri MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Found by Coverity: CID 1243029 (#1 of 1): Buffer not null terminated (BUFFER_SIZE_WARNING)31. buffer_size_warning: Calling strncpy with a maximum size argument of 4096 bytes on destination array obj->subdir of size 4096 bytes might leave the destination string unterminated. Signed-off-by: Mathieu Desnoyers Signed-off-by: Jérémie Galarneau --- src/bin/lttng-sessiond/consumer.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/bin/lttng-sessiond/consumer.c b/src/bin/lttng-sessiond/consumer.c index bd019dd31..a8c5fb871 100644 --- a/src/bin/lttng-sessiond/consumer.c +++ b/src/bin/lttng-sessiond/consumer.c @@ -715,7 +715,10 @@ int consumer_set_network_uri(struct consumer_output *obj, goto error; } - strncpy(obj->subdir, tmp_path, sizeof(obj->subdir)); + if (lttng_strncpy(obj->subdir, tmp_path, sizeof(obj->subdir))) { + ret = -LTTNG_ERR_INVALID; + goto error; + } DBG3("Consumer set network uri subdir path %s", tmp_path); } -- 2.34.1