From ceddcac74a6eafae8d959adcbfee17d4cae2c3a8 Mon Sep 17 00:00:00 2001
From: Stefano Brivio <sbrivio@redhat.com>
Date: Tue, 5 Apr 2022 12:33:31 +0200
Subject: conf, tap: False "Buffer not null terminated" positives, CWE-170
Those strings are actually guaranteed to be NULL-terminated. Reported
by Coverity.
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
---
conf.c | 6 +++---
tap.c | 6 +++---
2 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/conf.c b/conf.c
index 2412fc6..5c614cd 100644
--- a/conf.c
+++ b/conf.c
@@ -1035,7 +1035,7 @@ void conf(struct ctx *c, int argc, char **argv)
usage(argv[0]);
}
- ret = snprintf(c->sock_path, sizeof(c->sock_path), "%s",
+ ret = snprintf(c->sock_path, UNIX_SOCK_MAX - 1, "%s",
optarg);
if (ret <= 0 || ret >= (int)sizeof(c->pcap)) {
err("Invalid socket path: %s", optarg);
@@ -1048,9 +1048,9 @@ void conf(struct ctx *c, int argc, char **argv)
usage(argv[0]);
}
- ret = snprintf(c->pasta_ifn, sizeof(c->pasta_ifn), "%s",
+ ret = snprintf(c->pasta_ifn, IFNAMSIZ - 1, "%s",
optarg);
- if (ret <= 0 || ret >= (int)sizeof(c->pasta_ifn)) {
+ if (ret <= 0 || ret >= IFNAMSIZ - 1) {
err("Invalid interface name: %s", optarg);
usage(argv[0]);
}
diff --git a/tap.c b/tap.c
index 8110577..04ceade 100644
--- a/tap.c
+++ b/tap.c
@@ -798,9 +798,9 @@ static void tap_sock_unix_init(struct ctx *c)
char *path = addr.sun_path;
if (*c->sock_path)
- strncpy(path, c->sock_path, UNIX_PATH_MAX);
+ memcpy(path, c->sock_path, UNIX_PATH_MAX);
else
- snprintf(path, UNIX_PATH_MAX, UNIX_SOCK_PATH, i);
+ snprintf(path, UNIX_PATH_MAX - 1, UNIX_SOCK_PATH, i);
ex = socket(AF_UNIX, SOCK_STREAM | SOCK_NONBLOCK, 0);
if (ex < 0) {
@@ -899,7 +899,7 @@ static int tap_ns_tun(void *arg)
int flags = O_RDWR | O_NONBLOCK | O_CLOEXEC;
struct ctx *c = (struct ctx *)arg;
- strncpy(ifr.ifr_name, c->pasta_ifn, IFNAMSIZ);
+ memcpy(ifr.ifr_name, c->pasta_ifn, IFNAMSIZ);
if (ns_enter(c) ||
(tun_ns_fd = open("/dev/net/tun", flags)) < 0 ||
--
cgit v1.2.3