You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@qpid.apache.org by "Chuck Rolke (JIRA)" <ji...@apache.org> on 2018/07/18 14:53:00 UTC

[jira] [Closed] (DISPATCH-1009) _qd_policy_link_user_name_subst can return an unterminated string

     [ https://issues.apache.org/jira/browse/DISPATCH-1009?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Chuck Rolke closed DISPATCH-1009.
---------------------------------
    Resolution: Won't Fix

The offending code was completely replaced by work related to DISPATCH-1011

> _qd_policy_link_user_name_subst can return an unterminated string
> -----------------------------------------------------------------
>
>                 Key: DISPATCH-1009
>                 URL: https://issues.apache.org/jira/browse/DISPATCH-1009
>             Project: Qpid Dispatch
>          Issue Type: Bug
>          Components: Policy Engine
>    Affects Versions: 1.0.1
>            Reporter: Alan Conway
>            Assignee: Chuck Rolke
>            Priority: Major
>
> On fedora 28 the gcc 8.1.1 compiler gives this warning-as-error:
> /home/aconway/dispatch/src/policy.c: In function '_qd_policy_link_user_name_subst':
> /home/aconway/dispatch/src/policy.c:541:9: error: 'strncpy' output may be truncated copying between 0 and 8 bytes from a string of length 7 [-Werror=stringop-truncation]
>          strncpy(obuf, duser, copysize);
>          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> cc1: all warnings being treated as errors
>  
> The error is correct: the function is using strncpy to copy a string into a space that may be too small for it, resulting in an un-terminated string.
> I fixed some similar issues already but I'm confused by what's going on here: it looks like we are searching for the uname parameter and replacing it with "${user}" which seems backwards.
> The function would be simpler and clearer if it used snprintf rather than successive strncpy, i.e.
>     n = snprintf(obuf, osize, "%s%s%s", leading, duser, trailing);
> but the problem of properly handling the error if the resulting string is too big for obuf remains.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org