[Swan-dev] avoid strncpy : Discouraged or forbidden C functions
Antony Antony
antony at phenome.org
Wed Aug 16 17:07:40 UTC 2017
In recent scans I noticed a few warnings appearing due to possibly incorrect
use of strncpy and the like in libreswan code. These are probably not exploits
immediately, because these strings seem to come after other checks.
However, scans generate annoying warnings! If we avoid those, maybe Hugh's
eyes will hurt less!
"Discouraged or forbidden C functions"
https://libreswan.org/wiki/Discouraged_or_forbidden_C_functions
The new ones are coming in faster than Hugh (and occasionally I) can fix :)
Here is an example fix of fix :)
*** CID 1454237: Memory - illegal accesses (BUFFER_SIZE_WARNING)
/lib/libswan/alg_info.c: 379 in parser_alg_info_add()
373 /* <ealg> missing */
374 return err_buf;
375 }
376 end--;
377 } while (isdigit(*end));
378 /* save for logging */
>>> CID 1454237: Memory - illegal accesses (BUFFER_SIZE_WARNING)
>>> Calling strncpy with a maximum size argument of 20 bytes on
>>> destination array "p_ctx->eklen_buf" of size 20 bytes might leave
>>> the destination string unterminated.
379 strncpy(p_ctx->eklen_buf, end + 1, sizeof(p_ctx->eklen_buf));
380 int enckeylen = parse_eklen(err_buf, err_buf_len, end + 1);
381 if (enckeylen <= 0) {
382 passert(err_buf[0] != '\0');
383 return err_buf;
384 }
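
The condition the scanner reports above, shown next to a bounded copy that always terminates. This is an added example, not part of the original post and not libreswan code: struct ctx, save_flagged and save_bounded are hypothetical names, and only the 20-byte size of eklen_buf is taken from the report.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for the parser context; only the 20-byte size
 * of eklen_buf comes from the scan report. */
struct ctx { char eklen_buf[20]; };

/* The flagged pattern: bound == sizeof(destination). Returns whether the
 * destination ended up NUL-terminated (checked without reading past it). */
static bool save_flagged(struct ctx *c, const char *src)
{
	strncpy(c->eklen_buf, src, sizeof(c->eklen_buf));
	return memchr(c->eklen_buf, '\0', sizeof(c->eklen_buf)) != NULL;
}

/* Bounded copy that always terminates. Returns false when src was
 * truncated, so the caller can reject or log instead of guessing. */
static bool save_bounded(struct ctx *c, const char *src)
{
	size_t n = 0;

	while (n < sizeof(c->eklen_buf) - 1 && src[n] != '\0') {
		c->eklen_buf[n] = src[n];
		n++;
	}
	c->eklen_buf[n] = '\0';
	return src[n] == '\0';
}

int main(void)
{
	/* Constructed inputs: 3, 19 and 20 characters long. */
	const char *inputs[] = { "128", "1234567890123456789",
				 "12345678901234567890" };
	struct ctx c;

	for (size_t i = 0; i < sizeof(inputs) / sizeof(inputs[0]); i++) {
		bool term = save_flagged(&c, inputs[i]);
		bool whole = save_bounded(&c, inputs[i]);

		printf("len=%2zu strncpy terminated=%d bounded complete=%d saved=\"%s\"\n",
		       strlen(inputs[i]), term, whole, c.eklen_buf);
	}
	return 0;
}
```

Only the 20-character input leaves the strncpy destination without a terminator; the 19-character input still fits because strncpy pads the remaining byte with NUL.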