-
Notifications
You must be signed in to change notification settings - Fork 219
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bogus usage of strncpy in unit tests #58
Comments
Imported from trac issue 35. Created by glimes on 2015-04-10T15:30:24, last modified: 2019-08-14T14:11:46 |
Trac comment by glimes on 2015-06-10 14:45:17: This could very well go away with #40 (or similar) changes. Confirming that as of [changeset:2c9c3451]
Refraining from copying the Here, the 3rd parameter should be
Comments as above. 3rd arg needs to be ''SIZE OF DESTINATION BUFFER'', |
Trac comment by glimes on 2015-07-13 18:16:59: When updating code using {{{ If the array pointed to by ''s2'' is a string that is shorter than ''n'' characters, null characters are appended to the copy in the array pointed to by ''s1'', until ''n'' characters in all have been written. That last paragraph was something I'd forgotten. It might be useful, and most assuredly obsoletes code that explicitly clears buffers before using |
Trac comment by glimes on 2015-07-13 18:43:03: Remaining misuses of
|
Trac comment by jphickey on 2018-05-14 16:17:14: Confirmed that these Some of these exist inside macros -- which is wrong on several levels -- should not be hiding big chunks of code like this inside a macro to begin with. With the UT assert framework this can be much cleaner, but this UT code was never fixed up appropriately. |
Trac comment by jhageman on 2019-07-03 13:34:40: Moved open 4.2.2 tickets to 4.3.1 |
Trac comment by jhageman on 2019-07-26 15:13:16: Milestone renamed |
Note unit-test-coverage/vxworks6 goes away with #267. Remaining issues:
|
Fixed in #318 - removed final offenders ut_os_stubs.h and ut_os_stubs.c |
@dmknutsen can you confirm this is resolved? |
Yep. In order to identify any remaining issues, I audited all files in the main cFS directory that contain the word strncpy. The attached spreadsheet contains the results of the audit. |
Closing as duplicate (issue was resolved by other pull requests.) |
There are several places in OSAL where the Buffer Overflow protection
feature of the
strncpy()
function is used incorrectly, in a way that causesit to not protect against buffer overflow.
Correct usage is to pass the size of the destination area as
the third argument, so strncpy() will stop before trying to write
past the end of the destination storage.
Incorrect usage observed is passing the length of the SOURCE string
as the limiting size. The resulting behavior is:
The upshot of this is
strncpy()
always copies the whole sourcestring and never writes a terminating NUL.
Better usage would be to present the destination buffer size
as the limiting size in the 3rd argument (yes,
strncpy()
stopswriting after writing the NUL).
The text was updated successfully, but these errors were encountered: