fix(test,userspace): fixed strncat usage. #1113
Conversation
Signed-off-by: Federico Di Pierro <[email protected]>
poiana
added
kind/bug
|
/milestone 0.11.0 |
|
/cc @incertum @LucaGuerra |
| @@ -46,9 +46,9 @@ static inline void err_append(char* s, const char* suffix, const char* sep) | |||
| { | |||
| if (*s != '\0') | |||
| { | |||
| strncat(s, sep, PLUGIN_MAX_ERRLEN - strlen(sep)); | |||
| strncat(s, sep, PLUGIN_MAX_ERRLEN - strlen(s) - 1); | |||
There was a problem hiding this comment.
@jasondellaluce this should be good, right?
You want to check that you have enough space in dest (ie: s) to hold sep up until
PLUGIN_MAX_ERRLEN - strlen(s) - 1
bytes.
Same goes below.
There was a problem hiding this comment.
/approve
/hold
@jasondellaluce please confirm @FedeDP question.
@LucaGuerra agree with implementing strlcat in the future.
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: FedeDP, incertum, jasondellaluce, LucaGuerra The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
/unhold |
What type of PR is this?
/kind bug
Any specific area of the project related to this PR?
/area libscap-engine-bpf
/area libscap-engine-modern-bpf
/area libsinsp
/area tests
Does this PR require a change in the driver versions?
What this PR does / why we need it:
Correct usage of
strncatto avoid buffer overflows:Which issue(s) this PR fixes:
Fixes #
Special notes for your reviewer:
Does this PR introduce a user-facing change?: