Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-05 16:18:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

util, nb_dns: fix off-by-one bugs in strncpy() calls

Browse source 
Fortunately, these bugs had no effect because the following lines
overwrote the last character with a null byte.
This commit is contained in:
Max Kellermann 2020-01-22 13:50:17 +01:00
parent aacf84e552
commit 32bb019e3a
3 changed files with 3 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

2
src/nb_dns.c
View file

@ -411,7 +411,7 @@ _nb_dns_mkquery(register struct nb_dns_info *nd, register const char *name,
return (-1); return (-1);
} }
memset(ne, 0, sizeof(*ne)); memset(ne, 0, sizeof(*ne));
strncpy(ne->name, name, sizeof(ne->name)); strncpy(ne->name, name, sizeof(ne->name) - 1);
ne->name[sizeof(ne->name) - 1] = '\0'; ne->name[sizeof(ne->name) - 1] = '\0';
ne->qtype = qtype; ne->qtype = qtype;
ne->atype = atype; ne->atype = atype;

2
src/util.cc
View file

@ -623,7 +623,7 @@ char* uitoa_n(uint64_t value, char* str, int n, int base, const char* prefix)
if ( prefix ) if ( prefix )
{ {
strncpy(str, prefix, n); strncpy(str, prefix, n-1);
str[n-1] = '\0'; str[n-1] = '\0';
i += strlen(prefix); i += strlen(prefix);
} }

2
src/util.h
View file

@ -512,7 +512,7 @@ inline void* safe_malloc(size_t size)
inline char* safe_strncpy(char* dest, const char* src, size_t n) inline char* safe_strncpy(char* dest, const char* src, size_t n)
{ {
char* result = strncpy(dest, src, n); char* result = strncpy(dest, src, n-1);
dest[n-1] = '\0'; dest[n-1] = '\0';
return result; return result;
} }