ACK: [PATCH] acpi: syntaxcheck: strcpy should be replaced with strncpy (LP: #1205215)
Keng-Yu Lin
kengyu at canonical.com
Mon Jul 29 09:03:00 UTC 2013
On Mon, Jul 29, 2013 at 4:13 PM, Alex Hung <alex.hung at canonical.com> wrote:
> On 07/26/2013 05:38 PM, Colin King wrote:
>>
>> From: Colin Ian King <colin.king at canonical.com>
>>
>> Coverity Scan complaining about a strcpy(). Although the buffer is
>> currently
>> bug enough, it may not be in the future, so use strncpy() to avoid buffer
>> overflow.
>>
>> CID null (#1 of 1): Copy into fixed size buffer (STRING_OVERFLOW)2.
>>
>> Signed-off-by: Colin Ian King <colin.king at canonical.com>
>> ---
>> src/acpi/syntaxcheck/syntaxcheck.c | 3 ++-
>> 1 file changed, 2 insertions(+), 1 deletion(-)
>>
>> diff --git a/src/acpi/syntaxcheck/syntaxcheck.c
>> b/src/acpi/syntaxcheck/syntaxcheck.c
>> index 4b00480..55bcc7e 100644
>> --- a/src/acpi/syntaxcheck/syntaxcheck.c
>> +++ b/src/acpi/syntaxcheck/syntaxcheck.c
>> @@ -269,7 +269,8 @@ static const char *syntaxcheck_error_level(uint32_t
>> error_code)
>> return "Unknown";
>>
>> /* AslErrorLevel strings are end-space padded, so strip off end
>> spaces if any */
>> - strcpy(buf, AslErrorLevel[error_level]);
>> + strncpy(buf, AslErrorLevel[error_level], sizeof(buf));
>> + buf[sizeof(buf) -1] = '\0';
>> ptr = strchr(buf, ' ');
>> if (ptr)
>> *ptr = '\0';
>>
> Acked-by: Alex Hung <alex.hung at canonical.com>
>
> --
> Cheers,
> Alex Hung
>
Acked-by: Keng-Yu Lin <kengyu at canonical.com>
More information about the fwts-devel
mailing list