From: Alejandro Colomar <alx@kernel.org>
Date: Wed, 15 Nov 2023 21:14:18 +0000 (+0100)
Subject: lib/: Remove off-by-one bugs in calls to strncpy(3)
X-Git-Tag: 4.15.0-rc1~122
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=07ab1af55c32406a5c287cc213cfab75cd0265cd;p=thirdparty%2Fshadow.git

lib/: Remove off-by-one bugs in calls to strncpy(3)

We're not even zeroing the last byte after this call.  This was a
completely gratuitous truncation of one byte, and the resulting
character array still wasn't guaranteed to be null terminated, because
strncpy(3) can't do that.

Just to clarify, none of these structures needed zeroing, as they are
treated as null-padded fixed-size character arrays.  Calling strncpy(3)
was actually the correct call, and the only problem was unnecessarily
truncating strings by one byte more than necessary.

Cc: Matthew House <mattlloydhouse@gmail.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
---

diff --git a/lib/log.c b/lib/log.c
index 9457b1cd1..04aa3cfab 100644
--- a/lib/log.c
+++ b/lib/log.c
@@ -82,7 +82,7 @@ void dolastlog (
 	newlog.ll_time = ll_time;
 	STRTCPY(newlog.ll_line, line);
 #if HAVE_LL_HOST
-	strncpy (newlog.ll_host, host, sizeof (newlog.ll_host) - 1);
+	strncpy(newlog.ll_host, host, sizeof(newlog.ll_host));
 #endif
 	if (   (lseek (fd, offset, SEEK_SET) != offset)
 	    || (write_full(fd, &newlog, sizeof newlog) == -1)
diff --git a/lib/utmp.c b/lib/utmp.c
index 906a9fac3..0ec2692cc 100644
--- a/lib/utmp.c
+++ b/lib/utmp.c
@@ -262,25 +262,25 @@ static
 	utent->ut_type = USER_PROCESS;
 #endif				/* HAVE_STRUCT_UTMP_UT_TYPE */
 	utent->ut_pid = getpid ();
-	strncpy (utent->ut_line, line,      sizeof (utent->ut_line) - 1);
+	strncpy(utent->ut_line, line, sizeof(utent->ut_line));
 #ifdef HAVE_STRUCT_UTMP_UT_ID
 	if (NULL != ut) {
 		strncpy (utent->ut_id, ut->ut_id, sizeof (utent->ut_id));
 	} else {
 		/* XXX - assumes /dev/tty?? */
-		strncpy (utent->ut_id, line + 3, sizeof (utent->ut_id) - 1);
+		strncpy(utent->ut_id, line + 3, sizeof(utent->ut_id));
 	}
 #endif				/* HAVE_STRUCT_UTMP_UT_ID */
 #ifdef HAVE_STRUCT_UTMP_UT_NAME
 	strncpy (utent->ut_name, name,      sizeof (utent->ut_name));
 #endif				/* HAVE_STRUCT_UTMP_UT_NAME */
 #ifdef HAVE_STRUCT_UTMP_UT_USER
-	strncpy (utent->ut_user, name,      sizeof (utent->ut_user) - 1);
+	strncpy(utent->ut_user, name, sizeof(utent->ut_user));
 #endif				/* HAVE_STRUCT_UTMP_UT_USER */
 	if (NULL != hostname) {
 		struct addrinfo *info = NULL;
 #ifdef HAVE_STRUCT_UTMP_UT_HOST
-		strncpy (utent->ut_host, hostname, sizeof (utent->ut_host) - 1);
+		strncpy(utent->ut_host, hostname, sizeof(utent->ut_host));
 #endif				/* HAVE_STRUCT_UTMP_UT_HOST */
 #ifdef HAVE_STRUCT_UTMP_UT_SYSLEN
 		utent->ut_syslen = MIN (strlen (hostname),