DM: using 'strncpy' coding style cleanup
- check buffer boundaries to avoid buffer overflow Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
This commit is contained in:
parent
2f3953a99a
commit
71975d63fd
|
@ -108,6 +108,7 @@ static int open_hugetlbfs(struct vmctx *ctx, int level)
|
|||
char uuid_str[48];
|
||||
uint8_t UUID[16];
|
||||
char *path;
|
||||
size_t len;
|
||||
struct statfs fs;
|
||||
|
||||
if (level >= HUGETLB_LV_MAX) {
|
||||
|
@ -116,10 +117,12 @@ static int open_hugetlbfs(struct vmctx *ctx, int level)
|
|||
}
|
||||
|
||||
path = hugetlb_priv[level].node_path;
|
||||
memset(path, '\0', MAX_PATH_LEN);
|
||||
strncpy(path, hugetlb_priv[level].mount_path, MAX_PATH_LEN);
|
||||
|
||||
len = strnlen(path, MAX_PATH_LEN);
|
||||
/* UUID will use 32 bytes */
|
||||
if (strnlen(path, MAX_PATH_LEN) + 32 > MAX_PATH_LEN) {
|
||||
if (len + 32 > MAX_PATH_LEN) {
|
||||
perror("PATH overflow");
|
||||
return -ENOMEM;
|
||||
}
|
||||
|
@ -132,6 +135,7 @@ static int open_hugetlbfs(struct vmctx *ctx, int level)
|
|||
UUID[8], UUID[9], UUID[10], UUID[11],
|
||||
UUID[12], UUID[13], UUID[14], UUID[15]);
|
||||
|
||||
*(path + len) = '\0';
|
||||
strncat(path, uuid_str, strlen(uuid_str));
|
||||
|
||||
printf("open hugetlbfs file %s\n", path);
|
||||
|
@ -284,7 +288,8 @@ static int mmap_hugetlbfs_highmem(struct vmctx *ctx)
|
|||
static int create_hugetlb_dirs(int level)
|
||||
{
|
||||
char tmp_path[MAX_PATH_LEN], *path;
|
||||
int i, len;
|
||||
int i;
|
||||
size_t len;
|
||||
|
||||
if (level >= HUGETLB_LV_MAX) {
|
||||
perror("exceed max hugetlb level");
|
||||
|
@ -293,8 +298,8 @@ static int create_hugetlb_dirs(int level)
|
|||
|
||||
path = hugetlb_priv[level].mount_path;
|
||||
len = strlen(path);
|
||||
if (len >= MAX_PATH_LEN) {
|
||||
perror("exceed max path len");
|
||||
if (len >= MAX_PATH_LEN || len == 0) {
|
||||
perror("invalid path len");
|
||||
return -EINVAL;
|
||||
}
|
||||
|
||||
|
|
|
@ -131,8 +131,7 @@ acrn_parse_kernel(char *arg)
|
|||
size_t len = strlen(arg);
|
||||
|
||||
if (len < STR_LEN) {
|
||||
strncpy(kernel_path, arg, len);
|
||||
kernel_path[len] = '\0';
|
||||
strncpy(kernel_path, arg, len + 1);
|
||||
if (check_image(kernel_path) != 0){
|
||||
fprintf(stderr, "SW_LOAD: check_image failed for '%s'\n",
|
||||
kernel_path);
|
||||
|
@ -151,8 +150,7 @@ acrn_parse_ramdisk(char *arg)
|
|||
size_t len = strlen(arg);
|
||||
|
||||
if (len < STR_LEN) {
|
||||
strncpy(ramdisk_path, arg, len);
|
||||
ramdisk_path[len] = '\0';
|
||||
strncpy(ramdisk_path, arg, len + 1);
|
||||
if (check_image(ramdisk_path) != 0){
|
||||
fprintf(stderr, "SW_LOAD: check_image failed for '%s'\n",
|
||||
ramdisk_path);
|
||||
|
|
|
@ -104,8 +104,7 @@ acrn_parse_bootargs(char *arg)
|
|||
size_t len = strlen(arg);
|
||||
|
||||
if (len < STR_LEN) {
|
||||
strncpy(bootargs, arg, len);
|
||||
bootargs[len] = '\0';
|
||||
strncpy(bootargs, arg, len + 1);
|
||||
with_bootargs = 1;
|
||||
printf("SW_LOAD: get bootargs %s\n", bootargs);
|
||||
return 0;
|
||||
|
|
|
@ -111,8 +111,7 @@ acrn_parse_guest_part_info(char *arg)
|
|||
size_t len = strlen(arg);
|
||||
|
||||
if (len < STR_LEN) {
|
||||
strncpy(guest_part_info_path, arg, len);
|
||||
guest_part_info_path[len] = '\0';
|
||||
strncpy(guest_part_info_path, arg, len + 1);
|
||||
assert(check_image(guest_part_info_path) == 0);
|
||||
|
||||
with_guest_part_info = true;
|
||||
|
@ -172,8 +171,7 @@ acrn_parse_vsbl(char *arg)
|
|||
size_t len = strlen(arg);
|
||||
|
||||
if (len < STR_LEN) {
|
||||
strncpy(vsbl_path, arg, len);
|
||||
vsbl_path[len] = '\0';
|
||||
strncpy(vsbl_path, arg, len + 1);
|
||||
assert(check_image(vsbl_path) == 0);
|
||||
|
||||
vsbl_file_name = vsbl_path;
|
||||
|
|
|
@ -922,7 +922,7 @@ basl_make_templates(void)
|
|||
len = strlen(tmpdir);
|
||||
|
||||
if ((len + sizeof(ASL_TEMPLATE) + 1) < MAXPATHLEN) {
|
||||
strncpy(basl_template, tmpdir, len);
|
||||
strncpy(basl_template, tmpdir, len + 1);
|
||||
while (len > 0 && basl_template[len - 1] == '/')
|
||||
len--;
|
||||
basl_template[len] = '/';
|
||||
|
@ -937,7 +937,7 @@ basl_make_templates(void)
|
|||
*/
|
||||
if ((len + sizeof(ASL_TEMPLATE) + 1 +
|
||||
sizeof(ASL_SUFFIX)) < MAXPATHLEN) {
|
||||
strncpy(basl_stemplate, tmpdir, len);
|
||||
strncpy(basl_stemplate, tmpdir, len + 1);
|
||||
basl_stemplate[len] = '/';
|
||||
strncpy(&basl_stemplate[len + 1], ASL_TEMPLATE,
|
||||
MAXPATHLEN - len - 1);
|
||||
|
|
Loading…
Reference in New Issue