secure coding: #2 strcpy => strlcpy

Signed-off-by: Donghwa Jeong <dh48.jeong@samsung.com>

secure coding: #2 strcpy => strlcpy
7a3e2867 · Donghwa Jeong · Christian Brauner · 0c4826e3 · 7a3e2867 · 7a3e2867
Unverified Commit 7a3e2867 authored Jun 18, 2018 by Donghwa Jeong Committed by Christian Brauner Dec 10, 2018
Showing with 58 additions and 16 deletions

initutils.c src/lxc/initutils.c +10 -3

lxc_user_nic.c src/lxc/lxc_user_nic.c +8 -2

nbd.c src/lxc/storage/nbd.c +10 -2

storage.c src/lxc/storage/storage.c +9 -2

utils.c src/lxc/utils.c +21 -7

No files found.
--- a/src/lxc/initutils.c
+++ b/src/lxc/initutils.c
@@ -26,6 +26,10 @@
 #include "initutils.h"
 #include "log.h"
+#ifndef HAVE_STRLCPY
+#include "include/strlcpy.h"
+#endif
 lxc_log_define(lxc_initutils, lxc);
 static char *copy_global_config_value(char *p)
@@ -35,14 +39,17 @@ static char *copy_global_config_value(char *p)
 	if (len < 1)
 		return NULL;
 	if (p[len-1] == '\n') {
 		p[len-1] = '\0';
 		len--;
 	}
-	retbuf = malloc(len+1);
+	retbuf = malloc(len + 1);
 	if (!retbuf)
 		return NULL;
-	strcpy(retbuf, p);
+	(void)strlcpy(retbuf, p, len + 1);
 	return retbuf;
 }
@@ -355,7 +362,7 @@ int setproctitle(char *title)
 	ret = prctl(PR_SET_MM, PR_SET_MM_MAP, (long) &prctl_map, sizeof(prctl_map), 0);
 	if (ret == 0)
-		strcpy((char*)arg_start, title);
+		(void)strlcpy((char*)arg_start, title, len);
 	else
 		INFO("setting cmdline failed - %s", strerror(errno));

--- a/src/lxc/lxc_user_nic.c
+++ b/src/lxc/lxc_user_nic.c
@@ -50,6 +50,10 @@
 #include "network.h"
 #include "utils.h"
+#ifndef HAVE_STRLCPY
+#include "include/strlcpy.h"
+#endif
 #define usernic_debug_stream(stream, format, ...)                              \
 	do {                                                                   \
 		fprintf(stream, "%s: %d: %s: " format, __FILE__, __LINE__,     \
@@ -828,9 +832,11 @@ static bool create_db_dir(char *fnam)
 {
 	int ret;
 	char *p;
+	size_t len;
-	p = alloca(strlen(fnam) + 1);
+	len = strlen(fnam);
-	strcpy(p, fnam);
+	p = alloca(len + 1);
+	(void)strlcpy(p, fnam, len + 1);
 	fnam = p;
 	p = p + 1;

--- a/src/lxc/storage/nbd.c
+++ b/src/lxc/storage/nbd.c
@@ -37,6 +37,10 @@
 #include "storage_utils.h"
 #include "utils.h"
+#ifndef HAVE_STRLCPY
+#include "include/strlcpy.h"
+#endif
 lxc_log_define(nbd, lxc);
 struct nbd_attach_data {
@@ -53,10 +57,14 @@ static bool wait_for_partition(const char *path);
 bool attach_nbd(char *src, struct lxc_conf *conf)
 {
-	char *orig = alloca(strlen(src)+1), *p, path[50];
+	char *orig, *p, path[50];
 	int i = 0;
+	size_t len;
+	len = strlen(src);
+	orig = alloca(len + 1);
+	(void)strlcpy(orig, src, len + 1);
-	strcpy(orig, src);
 	/* if path is followed by a partition, drop that for now */
 	p = strchr(orig, ':');
 	if (p)

--- a/src/lxc/storage/storage.c
+++ b/src/lxc/storage/storage.c
@@ -61,6 +61,10 @@
 #include "utils.h"
 #include "zfs.h"
+#ifndef HAVE_STRLCPY
+#include "include/strlcpy.h"
+#endif
 #ifndef BLKGETSIZE64
 #define BLKGETSIZE64 _IOR(0x12, 114, size_t)
 #endif
@@ -510,9 +514,12 @@ struct lxc_storage *storage_create(const char *dest, const char *type,
 	if (strchr(type, ',')) {
 		char *dup, *token;
 		char *saveptr = NULL;
+		size_t len;
+		len = strlen(type);
+		dup = alloca(len + 1);
+		(void)strlcpy(dup, type, len + 1);
-		dup = alloca(strlen(type) + 1);
-		strcpy(dup, type);
 		for (token = strtok_r(dup, ",", &saveptr); token;
 		     token = strtok_r(NULL, ",", &saveptr)) {
 			bdev = do_storage_create(dest, token, cname, specs);

--- a/src/lxc/utils.c
+++ b/src/lxc/utils.c
@@ -51,6 +51,10 @@
 #include "parse.h"
 #include "utils.h"
+#ifndef HAVE_STRLCPY
+#include "include/strlcpy.h"
+#endif
 #ifndef O_PATH
 #define O_PATH      010000000
 #endif
@@ -641,7 +645,8 @@ char *lxc_string_join(const char *sep, const char **parts, bool use_as_prefix)
 		return NULL;
 	if (use_as_prefix)
-		strcpy(result, sep);
+		(void)strlcpy(result, sep, result_len + 1);
 	for (p = (char **)parts; *p; p++) {
 		if (p > (char **)parts)
 			strcat(result, sep);
@@ -758,12 +763,15 @@ bool lxc_string_in_list(const char *needle, const char *haystack, char _sep)
 {
 	char *token, *str, *saveptr = NULL;
 	char sep[2] = { _sep, '\0' };
+	size_t len;
 	if (!haystack || !needle)
 		return 0;
-	str = alloca(strlen(haystack)+1);
+	len = strlen(haystack);
-	strcpy(str, haystack);
+	str = alloca(len + 1);
+	(void)strlcpy(str, haystack, len + 1);
 	for (; (token = strtok_r(str, sep, &saveptr)); str = NULL) {
 		if (strcmp(needle, token) == 0)
 			return 1;
@@ -780,12 +788,15 @@ char **lxc_string_split(const char *string, char _sep)
 	size_t result_capacity = 0;
 	size_t result_count = 0;
 	int r, saved_errno;
+	size_t len;
 	if (!string)
 		return calloc(1, sizeof(char *));
-	str = alloca(strlen(string) + 1);
+	len = strlen(string);
-	strcpy(str, string);
+	str = alloca(len + 1);
+	(void)strlcpy(str, string, len + 1);
 	for (; (token = strtok_r(str, sep, &saveptr)); str = NULL) {
 		r = lxc_grow_array((void ***)&result, &result_capacity, result_count + 1, 16);
 		if (r < 0)
@@ -821,12 +832,15 @@ char **lxc_string_split_and_trim(const char *string, char _sep)
 	size_t result_count = 0;
 	int r, saved_errno;
 	size_t i = 0;
+	size_t len;
 	if (!string)
 		return calloc(1, sizeof(char *));
-	str = alloca(strlen(string)+1);
+	len = strlen(string);
-	strcpy(str, string);
+	str = alloca(len + 1);
+	(void)strlcpy(str, string, len + 1);
 	for (; (token = strtok_r(str, sep, &saveptr)); str = NULL) {
 		while (token[0] == ' ' || token[0] == '\t')
 			token++;