From patchwork Fri Mar 29 11:10:56 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Daniel_P=2E_Berrang=C3=A9?= X-Patchwork-Id: 10876889 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id B972D1390 for ; Fri, 29 Mar 2019 11:18:36 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id A4D3B28ACE for ; Fri, 29 Mar 2019 11:18:36 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 97B3C29006; Fri, 29 Mar 2019 11:18:36 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI autolearn=ham version=3.3.1 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 30B1228ACE for ; Fri, 29 Mar 2019 11:18:36 +0000 (UTC) Received: from localhost ([127.0.0.1]:50939 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1h9pWt-0001pn-8k for patchwork-qemu-devel@patchwork.kernel.org; Fri, 29 Mar 2019 07:18:35 -0400 Received: from eggs.gnu.org ([209.51.188.92]:49176) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1h9pQV-0003m0-7Z for qemu-devel@nongnu.org; Fri, 29 Mar 2019 07:12:02 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1h9pQO-0008LE-UA for qemu-devel@nongnu.org; Fri, 29 Mar 2019 07:11:56 -0400 Received: from mx1.redhat.com ([209.132.183.28]:58254) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1h9pQN-0007rB-Tv; Fri, 29 Mar 2019 07:11:52 -0400 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 442D13087BAD; Fri, 29 Mar 2019 11:11:47 +0000 (UTC) Received: from dhcp-17-117.lcy.redhat.com (unknown [10.42.17.117]) by smtp.corp.redhat.com (Postfix) with ESMTP id CA7F160BFB; Fri, 29 Mar 2019 11:11:44 +0000 (UTC) From: =?utf-8?q?Daniel_P=2E_Berrang=C3=A9?= To: qemu-devel@nongnu.org Date: Fri, 29 Mar 2019 11:10:56 +0000 Message-Id: <20190329111104.17223-7-berrange@redhat.com> In-Reply-To: <20190329111104.17223-1-berrange@redhat.com> References: <20190329111104.17223-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.45]); Fri, 29 Mar 2019 11:11:47 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH 06/14] sockets: avoid string truncation warnings when copying UNIX path X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Eric Farman , Farhan Ali , David Hildenbrand , Cornelia Huck , Alex Williamson , Laurent Vivier , Halil Pasic , Max Filippov , qemu-s390x@nongnu.org, Gerd Hoffmann , Thomas Huth , Riku Voipio , Christian Borntraeger , Richard Henderson Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" X-Virus-Scanned: ClamAV using ClamSMTP In file included from /usr/include/string.h:494, from include/qemu/osdep.h:101, from util/qemu-sockets.c:18: In function ‘strncpy’, inlined from ‘unix_connect_saddr.isra.0’ at util/qemu-sockets.c:925:5: /usr/include/bits/string_fortified.h:106:10: warning: ‘__builtin_strncpy’ specified bound 108 equals destination size [-Wstringop-truncation] 106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest)); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ In function ‘strncpy’, inlined from ‘unix_listen_saddr.isra.0’ at util/qemu-sockets.c:880:5: /usr/include/bits/string_fortified.h:106:10: warning: ‘__builtin_strncpy’ specified bound 108 equals destination size [-Wstringop-truncation] 106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest)); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ We are already validating the UNIX socket path length earlier in the functions. If we save this string length when we first check it, then we can simply use memcpy instead of strcpy later, avoiding the gcc truncation warnings. Signed-off-by: Daniel P. Berrangé --- util/qemu-sockets.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/util/qemu-sockets.c b/util/qemu-sockets.c index 9705051690..ba6335e71a 100644 --- a/util/qemu-sockets.c +++ b/util/qemu-sockets.c @@ -830,6 +830,7 @@ static int unix_listen_saddr(UnixSocketAddress *saddr, int sock, fd; char *pathbuf = NULL; const char *path; + size_t pathlen; sock = qemu_socket(PF_UNIX, SOCK_STREAM, 0); if (sock < 0) { @@ -845,7 +846,8 @@ static int unix_listen_saddr(UnixSocketAddress *saddr, path = pathbuf = g_strdup_printf("%s/qemu-socket-XXXXXX", tmpdir); } - if (strlen(path) > sizeof(un.sun_path)) { + pathlen = strlen(path); + if (pathlen > sizeof(un.sun_path)) { error_setg(errp, "UNIX socket path '%s' is too long", path); error_append_hint(errp, "Path must be less than %zu bytes\n", sizeof(un.sun_path)); @@ -877,7 +879,7 @@ static int unix_listen_saddr(UnixSocketAddress *saddr, memset(&un, 0, sizeof(un)); un.sun_family = AF_UNIX; - strncpy(un.sun_path, path, sizeof(un.sun_path)); + memcpy(un.sun_path, path, pathlen); if (bind(sock, (struct sockaddr*) &un, sizeof(un)) < 0) { error_setg_errno(errp, errno, "Failed to bind socket to %s", path); @@ -901,6 +903,7 @@ static int unix_connect_saddr(UnixSocketAddress *saddr, Error **errp) { struct sockaddr_un un; int sock, rc; + size_t pathlen; if (saddr->path == NULL) { error_setg(errp, "unix connect: no path specified"); @@ -913,7 +916,8 @@ static int unix_connect_saddr(UnixSocketAddress *saddr, Error **errp) return -1; } - if (strlen(saddr->path) > sizeof(un.sun_path)) { + pathlen = strlen(saddr->path); + if (pathlen > sizeof(un.sun_path)) { error_setg(errp, "UNIX socket path '%s' is too long", saddr->path); error_append_hint(errp, "Path must be less than %zu bytes\n", sizeof(un.sun_path)); @@ -922,7 +926,7 @@ static int unix_connect_saddr(UnixSocketAddress *saddr, Error **errp) memset(&un, 0, sizeof(un)); un.sun_family = AF_UNIX; - strncpy(un.sun_path, saddr->path, sizeof(un.sun_path)); + memcpy(un.sun_path, saddr->path, pathlen); /* connect to peer */ do {