[CRIU] [PATCH 2/2] criu: fix gcc-8 warnings
Andrei Vagin
avagin at openvz.org
Sun Feb 4 08:22:59 MSK 2018
From: Andrei Vagin <avagin at virtuozzo.com>
criu/sk-packet.c:443:3: error: 'strncpy' output may be truncated
copying 14 bytes from a string of length 15
strncpy(addr_spkt.sa_data, req.ifr_name, sa_data_size);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
criu/img-remote.c:383:3: error: 'strncpy' specified bound 4096
equals destination size
strncpy(snapshot_id, li->snapshot_id, PATHLEN);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
criu/img-remote.c:384:3: error: 'strncpy' specified bound 4096
equals destination size
strncpy(path, li->name, PATHLEN);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
criu/files.c:288:3: error: 'strncpy' output may be truncated copying
4095 bytes from a string of length 4096
strncpy(buf, link->name, PATH_MAX - 1);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
criu/sk-unix.c:239:36: error: '/' directive output may be truncated
writing 1 byte into a region of size between 0 and 4095
snprintf(path, sizeof(path), ".%s/%s", dir, sk->name);
^
criu/sk-unix.c:239:3: note: 'snprintf' output 3 or more bytes
(assuming 4098) into a destination of size 4096
snprintf(path, sizeof(path), ".%s/%s", dir, sk->name);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
criu/mount.c:2563:3: error: 'strncpy' specified bound 4096 equals
destination size
strncpy(path, m->mountpoint, PATH_MAX);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
criu/cr-restore.c:3647:2: error: 'strncpy' specified bound 16 equals
destination size
strncpy(task_args->comm, core->tc->comm, sizeof(task_args->comm));
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Andrei Vagin <avagin at virtuozzo.com>
---
criu/cr-restore.c | 3 ++-
criu/files.c | 3 ++-
criu/img-remote.c | 6 ++++--
criu/include/files.h | 2 +-
criu/mount.c | 3 ++-
criu/sk-packet.c | 2 +-
criu/sk-unix.c | 5 ++++-
lib/c/criu.c | 11 +++++++++--
8 files changed, 25 insertions(+), 10 deletions(-)
diff --git a/criu/cr-restore.c b/criu/cr-restore.c
index c6c9a7daf..b6f414640 100644
--- a/criu/cr-restore.c
+++ b/criu/cr-restore.c
@@ -3644,7 +3644,8 @@ static int sigreturn_restore(pid_t pid, struct task_restore_args *task_args, uns
log_get_logstart(&task_args->logstart);
task_args->sigchld_act = sigchld_act;
- strncpy(task_args->comm, core->tc->comm, sizeof(task_args->comm));
+ strncpy(task_args->comm, core->tc->comm, TASK_COMM_LEN - 1);
+ task_args->comm[TASK_COMM_LEN - 1] = 0;
pid_ns = lookup_ns_by_id(current->ids->pid_ns_id, &pid_ns_desc);
BUG_ON(!pid_ns);
for (i = current->pid->level - 1; i >= 0; i--, pid_ns = pid_ns->parent)
diff --git a/criu/files.c b/criu/files.c
index 8f6d50e92..873f0afad 100644
--- a/criu/files.c
+++ b/criu/files.c
@@ -285,7 +285,8 @@ static int fixup_overlayfs(struct fd_parms *p, struct fd_link *link)
char buf[PATH_MAX];
int n;
- strncpy(buf, link->name, PATH_MAX - 1);
+ strncpy(buf, link->name, PATH_MAX);
+ buf[PATH_MAX - 1] = 0;
n = snprintf(link->name, PATH_MAX, "%s/%s", m->mountpoint, buf + 2);
if (n >= PATH_MAX) {
pr_err("Not enough space to replace %s\n", buf);
diff --git a/criu/img-remote.c b/criu/img-remote.c
index 91e18a1a2..18cdc3e45 100644
--- a/criu/img-remote.c
+++ b/criu/img-remote.c
@@ -380,8 +380,10 @@ static int64_t read_header(int fd, char *snapshot_id, char *path, int *flags)
int ret = pb_read_obj(fd, (void **)&li, PB_LOCAL_IMAGE);
if (ret > 0) {
- strncpy(snapshot_id, li->snapshot_id, PATHLEN);
- strncpy(path, li->name, PATHLEN);
+ strncpy(snapshot_id, li->snapshot_id, PATHLEN - 1);
+ snapshot_id[PATHLEN - 1] = 0;
+ strncpy(path, li->name, PATHLEN - 1);
+ path[PATHLEN - 1] = 0;
*flags = li->open_mode;
}
free(li);
diff --git a/criu/include/files.h b/criu/include/files.h
index bd4ab8470..3483dcdca 100644
--- a/criu/include/files.h
+++ b/criu/include/files.h
@@ -26,7 +26,7 @@ struct fd_link {
union {
/* Link info for generic file (path) */
struct {
- char name[PATH_MAX + 1];
+ char name[PATH_MAX];
size_t len;
};
diff --git a/criu/mount.c b/criu/mount.c
index 4c7fd0914..152b7a599 100644
--- a/criu/mount.c
+++ b/criu/mount.c
@@ -2560,7 +2560,8 @@ static int fixup_remap_mounts()
char path[PATH_MAX];
int len;
- strncpy(path, m->mountpoint, PATH_MAX);
+ strncpy(path, m->mountpoint, PATH_MAX - 1);
+ path[PATH_MAX - 1] = 0;
len = print_ns_root(m->nsid, 0, path, PATH_MAX);
path[len] = '/';
diff --git a/criu/sk-packet.c b/criu/sk-packet.c
index bb1bd88b6..ae1197638 100644
--- a/criu/sk-packet.c
+++ b/criu/sk-packet.c
@@ -440,7 +440,7 @@ static int open_packet_sk_spkt(PacketSockEntry *pse, int *new_fd)
goto err;
}
- strncpy(addr_spkt.sa_data, req.ifr_name, sa_data_size);
+ memcpy(addr_spkt.sa_data, req.ifr_name, sa_data_size);
addr_spkt.sa_data[sa_data_size - 1] = 0;
if (bind(sk, &addr_spkt, sizeof(addr_spkt)) < 0) {
diff --git a/criu/sk-unix.c b/criu/sk-unix.c
index 0c1d97929..87b06d2af 100644
--- a/criu/sk-unix.c
+++ b/criu/sk-unix.c
@@ -236,7 +236,10 @@ static int resolve_rel_name(struct unix_sk_desc *sk, const struct fd_parms *p)
}
dir[ret] = 0;
- snprintf(path, sizeof(path), ".%s/%s", dir, sk->name);
+ if (snprintf(path, sizeof(path), ".%s/%s", dir, sk->name) >= sizeof(path)) {
+ pr_err("The path .%s/%s is too long", dir, sk->name);
+ goto err;
+ }
if (fstatat(mntns_root, path, &st, 0)) {
if (errno == ENOENT)
continue;
diff --git a/lib/c/criu.c b/lib/c/criu.c
index 08806c6ea..931d691ec 100644
--- a/lib/c/criu.c
+++ b/lib/c/criu.c
@@ -1075,9 +1075,16 @@ static int criu_connect(criu_opts *opts, bool d)
memset(&addr, 0, sizeof(addr));
addr.sun_family = AF_LOCAL;
- strncpy(addr.sun_path, opts->service_address, sizeof(addr.sun_path));
+ addr_len = strlen(opts->service_address);
+ if (addr_len >= sizeof(addr.sun_path)) {
+ fprintf(stderr, "The service address %s is too long",
+ opts->service_address);
+ close(fd);
+ return -1;
+ }
+ memcpy(addr.sun_path, opts->service_address, addr_len);
- addr_len = strlen(opts->service_address) + sizeof(addr.sun_family);
+ addr_len += sizeof(addr.sun_family);
ret = connect(fd, (struct sockaddr *) &addr, addr_len);
if (ret < 0) {
--
2.13.6
More information about the CRIU
mailing list