netdev
[Top] [All Lists]

Re: [PATCH 2.6]: IPv6: strcpy -> strlcpy

To: rmk+lkml@xxxxxxxxxxxxxxxx
Subject: Re: [PATCH 2.6]: IPv6: strcpy -> strlcpy
From: YOSHIFUJI Hideaki / 吉藤英明 <yoshfuji@xxxxxxxxxxxxxx>
Date: Fri, 28 Nov 2003 05:47:24 +0900 (JST)
Cc: felipe_alfaro@xxxxxxxxxxxxx, davem@xxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx, netdev@xxxxxxxxxxx, yoshfuji@xxxxxxxxxxxxxx
In-reply-to: <20031127200041.B25015@flint.arm.linux.org.uk>
Organization: USAGI Project
References: <20031127194602.A25015@flint.arm.linux.org.uk> <20031128.045413.133305490.yoshfuji@linux-ipv6.org> <20031127200041.B25015@flint.arm.linux.org.uk>
Sender: netdev-bounce@xxxxxxxxxxx
In article <20031127200041.B25015@xxxxxxxxxxxxxxxxxxxxxx> (at Thu, 27 Nov 2003 
20:00:41 +0000), Russell King <rmk+lkml@xxxxxxxxxxxxxxxx> says:

> The thing that worries me is that an incorrect strlcpy() conversion
> gives the impression that someone has thought about buffer underruns
> as well as overruns, and, unless someone /has/ actually thought about
> it, there could well still be a security problem lurking there.

Hmm, what do you actually mean by "buffer underruns?"

(If I'm correct) do you suggest that we should zero-out rest of 
destination buffer?

if so, we may want to have a function, say strlcpy0(), like this:

size_t strlcpy0(char *dst, const char *src, size_t maxlen)
{
  size_t len = strlcpy(dst, src, maxlen);
  if (maxlen && len < maxlen - 1)
    memset(dst + len + 1, 0, maxlen - len - 1);
  return len;
}

--yoshfuji

<Prev in Thread] Current Thread [Next in Thread>