[lttng-dev] [PATCH lttng-tools 14/24] Fix: illegal memory access in syscall_init_table

Mathieu Desnoyers mathieu.desnoyers at efficios.com
Tue May 17 01:42:53 UTC 2016


Found by Coverity:
CID 1243021 (#1 of 1): Buffer not null terminated
(BUFFER_SIZE_WARNING)25. buffer_size_warning: Calling strncpy with a
maximum size argument of 255 bytes on destination array (syscall_table +
index).name of size 255 bytes might leave the destination string
unterminated.

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers at efficios.com>
---
 src/bin/lttng-sessiond/syscall.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/bin/lttng-sessiond/syscall.c b/src/bin/lttng-sessiond/syscall.c
index 7ae6682..02fec15 100644
--- a/src/bin/lttng-sessiond/syscall.c
+++ b/src/bin/lttng-sessiond/syscall.c
@@ -108,8 +108,11 @@ int syscall_init_table(void)
 		}
 		syscall_table[index].index = index;
 		syscall_table[index].bitness = bitness;
-		strncpy(syscall_table[index].name, name,
-				sizeof(syscall_table[index].name));
+		if (lttng_strncpy(syscall_table[index].name, name,
+				sizeof(syscall_table[index].name))) {
+			ret = -EINVAL;
+			goto error;
+		}
 		/*
 		DBG("Syscall name '%s' at index %" PRIu32 " of bitness %u",
 				syscall_table[index].name,
-- 
2.1.4



More information about the lttng-dev mailing list