ACK: [PATCH] acpi: syntaxcheck: strcpy should be replaced with strncpy (LP: #1205215)
Alex Hung
alex.hung at canonical.com
Mon Jul 29 08:13:47 UTC 2013
On 07/26/2013 05:38 PM, Colin King wrote:
> From: Colin Ian King <colin.king at canonical.com>
>
> Coverity Scan complaining about a strcpy(). Although the buffer is currently
> bug enough, it may not be in the future, so use strncpy() to avoid buffer
> overflow.
>
> CID null (#1 of 1): Copy into fixed size buffer (STRING_OVERFLOW)2.
>
> Signed-off-by: Colin Ian King <colin.king at canonical.com>
> ---
> src/acpi/syntaxcheck/syntaxcheck.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/src/acpi/syntaxcheck/syntaxcheck.c b/src/acpi/syntaxcheck/syntaxcheck.c
> index 4b00480..55bcc7e 100644
> --- a/src/acpi/syntaxcheck/syntaxcheck.c
> +++ b/src/acpi/syntaxcheck/syntaxcheck.c
> @@ -269,7 +269,8 @@ static const char *syntaxcheck_error_level(uint32_t error_code)
> return "Unknown";
>
> /* AslErrorLevel strings are end-space padded, so strip off end spaces if any */
> - strcpy(buf, AslErrorLevel[error_level]);
> + strncpy(buf, AslErrorLevel[error_level], sizeof(buf));
> + buf[sizeof(buf) -1] = '\0';
> ptr = strchr(buf, ' ');
> if (ptr)
> *ptr = '\0';
>
Acked-by: Alex Hung <alex.hung at canonical.com>
--
Cheers,
Alex Hung
More information about the fwts-devel
mailing list