Re: [PATCH 2.6]: IPv6: strcpy -> strlcpy
From: Murray J. Root
Date: Thu Nov 27 2003 - 16:16:22 EST
On Fri, Nov 28, 2003 at 05:47:24AM +0900, YOSHIFUJI Hideaki / ?$B5HF#1QL@ wrote:
> In article <20031127200041.B25015@xxxxxxxxxxxxxxxxxxxxxx> (at Thu, 27 Nov 2003 20:00:41 +0000), Russell King <rmk+lkml@xxxxxxxxxxxxxxxx> says:
>
> > The thing that worries me is that an incorrect strlcpy() conversion
> > gives the impression that someone has thought about buffer underruns
> > as well as overruns, and, unless someone /has/ actually thought about
> > it, there could well still be a security problem lurking there.
>
> Hmm, what do you actually mean by "buffer underruns?"
>
> (If I'm correct) do you suggest that we should zero-out rest of
> destination buffer?
>
> if so, we may want to have a function, say strlcpy0(), like this:
>
> size_t strlcpy0(char *dst, const char *src, size_t maxlen)
> {
> size_t len = strlcpy(dst, src, maxlen);
> if (maxlen && len < maxlen - 1)
> memset(dst + len + 1, 0, maxlen - len - 1);
> return len;
> }
>
size_t strlcpy0(char *dst, const char *src, size_t maxlen)
{
memset(dst, 0, maxlen);
size_t len = strlcpy(dst, src, maxlen);
return len;
}
--
Murray J. Root
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/