From f2c057a6c6933c7975d27117e0cac9cb44789cc6 Mon Sep 17 00:00:00 2001 From: =?utf8?q?J=C3=A9r=C3=A9mie=20Galarneau?= Date: Wed, 16 Mar 2022 17:55:45 -0400 Subject: [PATCH] Clean-up: tests: silence bogus warning MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit 1486757 Buffer not null terminated If the buffer is treated as a null terminated string in later operations, a buffer overflow or over-read may occur. In test_create_ust_event_exclusion(): The string buffer may not have a null terminator if the source string's length is equal to the buffer size (CWE-170) Signed-off-by: Jérémie Galarneau Change-Id: I0c3fd6c9d591e1c67d8b80bf12825bb0d1520a65 --- tests/unit/test_ust_data.cpp | 25 +++++++++++++++++-------- 1 file changed, 17 insertions(+), 8 deletions(-) diff --git a/tests/unit/test_ust_data.cpp b/tests/unit/test_ust_data.cpp index 04aa8c83e..e62f6b571 100644 --- a/tests/unit/test_ust_data.cpp +++ b/tests/unit/test_ust_data.cpp @@ -143,6 +143,7 @@ static void test_create_ust_event(void) static void test_create_ust_event_exclusion(void) { + int copy_ret; enum lttng_error_code ret; struct ltt_ust_event *event; struct lttng_event ev; @@ -206,16 +207,24 @@ static void test_create_ust_event_exclusion(void) */ exclusion->count = exclusion_count; - strncpy(LTTNG_EVENT_EXCLUSION_NAME_AT(exclusion, 0), - get_random_string(), LTTNG_SYMBOL_NAME_LEN - 1); - strncpy(LTTNG_EVENT_EXCLUSION_NAME_AT(exclusion, 1), - get_random_string(), LTTNG_SYMBOL_NAME_LEN - 1); + copy_ret = lttng_strncpy(LTTNG_EVENT_EXCLUSION_NAME_AT(exclusion, 0), + get_random_string(), + sizeof(LTTNG_EVENT_EXCLUSION_NAME_AT(exclusion, 0))); + LTTNG_ASSERT(copy_ret == 0); + copy_ret = lttng_strncpy(LTTNG_EVENT_EXCLUSION_NAME_AT(exclusion, 1), + get_random_string(), + sizeof(LTTNG_EVENT_EXCLUSION_NAME_AT(exclusion, 1))); + LTTNG_ASSERT(copy_ret == 0); exclusion_copy->count = exclusion_count; - strncpy(LTTNG_EVENT_EXCLUSION_NAME_AT(exclusion_copy, 0), - LTTNG_EVENT_EXCLUSION_NAME_AT(exclusion, 0), LTTNG_SYMBOL_NAME_LEN); - strncpy(LTTNG_EVENT_EXCLUSION_NAME_AT(exclusion_copy, 1), - LTTNG_EVENT_EXCLUSION_NAME_AT(exclusion, 1), LTTNG_SYMBOL_NAME_LEN); + copy_ret = lttng_strncpy(LTTNG_EVENT_EXCLUSION_NAME_AT(exclusion_copy, 0), + LTTNG_EVENT_EXCLUSION_NAME_AT(exclusion, 0), + sizeof(LTTNG_EVENT_EXCLUSION_NAME_AT(exclusion_copy, 0))); + LTTNG_ASSERT(copy_ret == 0); + copy_ret = lttng_strncpy(LTTNG_EVENT_EXCLUSION_NAME_AT(exclusion_copy, 1), + LTTNG_EVENT_EXCLUSION_NAME_AT(exclusion, 1), + sizeof(LTTNG_EVENT_EXCLUSION_NAME_AT(exclusion_copy, 1))); + LTTNG_ASSERT(copy_ret == 0); ret = trace_ust_create_event(&ev, NULL, NULL, exclusion, false, &event); exclusion = NULL; -- 2.34.1