220b352b70
- Since strncpy(3) is not designed to write strings, but rather (null-padded) character sequences (a.k.a. unterminated strings), we had to manually append a '\0'. strlcpy(3) creates strings, so they are always terminated. This removes dependencies between lines, and also removes chances of accidents. - Repurposing strncpy(3) to create strings requires calculating the location of the terminating null byte, which involves a '-1' calculation. This is a source of off-by-one bugs. The new code has no '-1' calculations, so there's almost-zero chance of these bugs. - strlcpy(3) doesn't padd with null bytes. Padding is relevant when writing fixed-width buffers to binary files, when interfacing certain APIs (I believe utmpx requires null padding at lease in some systems), or when sending them to other processes or through the network. This is not the case, so padding is effectively ignored. - strlcpy(3) requires that the input string is really a string; otherwise it crashes (SIGSEGV). Let's check if the input strings are really strings: - lib/fields.c: - 'cp' was assigned from 'newft', and 'newft' comes from fgets(3). - lib/gshadow.c: - strlen(string) is calculated a few lines above. - libmisc/console.c: - 'cons' comes from getdef_str, which is a bit cryptic, but seems to generate strings, I guess.1 - libmisc/date_to_str.c: - It receives a string literal. :) - libmisc/utmp.c: - 'tname' comes from ttyname(3), which returns a string. - src/su.c: - 'tmp_name' has been passed to strcmp(3) a few lines above. Signed-off-by: Alejandro Colomar <alx@kernel.org> |
||
---|---|---|
.. | ||
.indent.pro | ||
commonio.c | ||
commonio.h | ||
defines.h | ||
encrypt.c | ||
exitcodes.h | ||
faillog.h | ||
fields.c | ||
fputsx.c | ||
get_gid.c | ||
get_pid.c | ||
get_uid.c | ||
getdef.c | ||
getdef.h | ||
getlong.c | ||
getulong.c | ||
groupio.c | ||
groupio.h | ||
groupmem.c | ||
gshadow_.h | ||
gshadow.c | ||
lockpw.c | ||
Makefile.am | ||
nscd.c | ||
nscd.h | ||
nss.c | ||
pam_defs.h | ||
port.c | ||
port.h | ||
prototypes.h | ||
pwauth.c | ||
pwauth.h | ||
pwio.c | ||
pwio.h | ||
pwmem.c | ||
run_part.c | ||
run_part.h | ||
selinux.c | ||
semanage.c | ||
sgetgrent.c | ||
sgetpwent.c | ||
sgetspent.c | ||
sgroupio.c | ||
sgroupio.h | ||
shadow.c | ||
shadowio.c | ||
shadowio.h | ||
shadowlog_internal.h | ||
shadowlog.c | ||
shadowlog.h | ||
shadowmem.c | ||
spawn.c | ||
sssd.c | ||
sssd.h | ||
subordinateio.c | ||
subordinateio.h | ||
tcbfuncs.c | ||
tcbfuncs.h | ||
utent.c |