This is the mail archive of the mailing list for the glibc project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [PATCH] avoid buffer overflow in sunrpc clnt_create (BZ #22542)

On Mon, Dec 04, 2017 at 12:04:12AM -0800, Paul Eggert wrote:
> Dmitry V. Levin wrote:
> > Do people really expect that?  Assuming that people are aware
> > of linux kernel behaviour, why would they expect that?
> These days, it's because strncpy format is obsolete and is not something 
> programmers are ordinarily aware of. When in doubt (which there seems to be 
> here), glibc should use null-terminated strings rather than strncpy format.

Is there any statistics what programmers are ordinarily aware of?

I have no doubts that some valid code[1] no longer compiles with
-Werror=stringop-truncation, and the only plausible fix is to mark
struct sockaddr_un.sun_path with __attribute_nonstring__.

I think we should revisit the patch submitted by Martin.

[1] strace HEAD's tests no longer build in Fedora Rawhide with the following
net-accept-connect.c: In function ‘main’:
net-accept-connect.c:57:2: error: ‘strncpy’ specified bound 108 equals destination size [-Werror=stringop-truncation]
  strncpy(addr.sun_path, av[1], sizeof(addr.sun_path));


Attachment: signature.asc
Description: PGP signature

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]