[V2] selinux: Fix strncpy in libselinux and libsepol
diff mbox series

Message ID 20190602091613.5102-1-richard_c_haines@btinternet.com
State Superseded
Headers show
Series
  • [V2] selinux: Fix strncpy in libselinux and libsepol
Related show

Commit Message

Richard Haines June 2, 2019, 9:16 a.m. UTC
When building with gcc9, get build errors such as:

genbools.c:24:2: error: ‘strncpy’ output may be truncated copying 8191
bytes from a string of length 8191 [-Werror=stringop-truncation]
   24 |  strncpy(dest, ptr, size);
      |  ^~~~~~~~~~~~~~~~~~~~~~~~

Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
---
V2 Change
Remove buffer resizing and just fix buffer lengths to match for strncpy.
To test booleans.c use security_load_booleans(3)
To test genbools.c generate a policy 'booleans' file and run semodule -B

 libselinux/src/booleans.c | 2 +-
 libsepol/src/genbools.c   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

Patch
diff mbox series

diff --git a/libselinux/src/booleans.c b/libselinux/src/booleans.c
index ab1e0754..e1079fb9 100644
--- a/libselinux/src/booleans.c
+++ b/libselinux/src/booleans.c
@@ -358,7 +358,7 @@  static int process_boolean(char *buffer, char *name, int namesize, int *val)
 		return -1;
 	}
 	strncpy(name1, tok, BUFSIZ - 1);
-	strtrim(name, name1, namesize - 1);
+	strtrim(name, name1, namesize);
 
 	tok = strtok_r(NULL, "\0", &ptr);
 	if (!tok) {
diff --git a/libsepol/src/genbools.c b/libsepol/src/genbools.c
index d4a2df62..c6595b80 100644
--- a/libsepol/src/genbools.c
+++ b/libsepol/src/genbools.c
@@ -49,7 +49,7 @@  static int process_boolean(char *buffer, char *name, int namesize, int *val)
 		return -1;
 	}
 	strncpy(name1, tok, BUFSIZ - 1);
-	strtrim(name, name1, namesize - 1);
+	strtrim(name, name1, namesize);
 
 	tok = strtok_r(NULL, "\0", &ptr);
 	if (!tok) {