From 07ab1af55c32406a5c287cc213cfab75cd0265cd Mon Sep 17 00:00:00 2001 From: Alejandro Colomar Date: Wed, 15 Nov 2023 22:14:18 +0100 Subject: [PATCH] lib/: Remove off-by-one bugs in calls to strncpy(3) We're not even zeroing the last byte after this call. This was a completely gratuitous truncation of one byte, and the resulting character array still wasn't guaranteed to be null terminated, because strncpy(3) can't do that. Just to clarify, none of these structures needed zeroing, as they are treated as null-padded fixed-size character arrays. Calling strncpy(3) was actually the correct call, and the only problem was unnecessarily truncating strings by one byte more than necessary. Cc: Matthew House Signed-off-by: Alejandro Colomar --- lib/log.c | 2 +- lib/utmp.c | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/lib/log.c b/lib/log.c index 9457b1cd1..04aa3cfab 100644 --- a/lib/log.c +++ b/lib/log.c @@ -82,7 +82,7 @@ void dolastlog ( newlog.ll_time = ll_time; STRTCPY(newlog.ll_line, line); #if HAVE_LL_HOST - strncpy (newlog.ll_host, host, sizeof (newlog.ll_host) - 1); + strncpy(newlog.ll_host, host, sizeof(newlog.ll_host)); #endif if ( (lseek (fd, offset, SEEK_SET) != offset) || (write_full(fd, &newlog, sizeof newlog) == -1) diff --git a/lib/utmp.c b/lib/utmp.c index 906a9fac3..0ec2692cc 100644 --- a/lib/utmp.c +++ b/lib/utmp.c @@ -262,25 +262,25 @@ static utent->ut_type = USER_PROCESS; #endif /* HAVE_STRUCT_UTMP_UT_TYPE */ utent->ut_pid = getpid (); - strncpy (utent->ut_line, line, sizeof (utent->ut_line) - 1); + strncpy(utent->ut_line, line, sizeof(utent->ut_line)); #ifdef HAVE_STRUCT_UTMP_UT_ID if (NULL != ut) { strncpy (utent->ut_id, ut->ut_id, sizeof (utent->ut_id)); } else { /* XXX - assumes /dev/tty?? */ - strncpy (utent->ut_id, line + 3, sizeof (utent->ut_id) - 1); + strncpy(utent->ut_id, line + 3, sizeof(utent->ut_id)); } #endif /* HAVE_STRUCT_UTMP_UT_ID */ #ifdef HAVE_STRUCT_UTMP_UT_NAME strncpy (utent->ut_name, name, sizeof (utent->ut_name)); #endif /* HAVE_STRUCT_UTMP_UT_NAME */ #ifdef HAVE_STRUCT_UTMP_UT_USER - strncpy (utent->ut_user, name, sizeof (utent->ut_user) - 1); + strncpy(utent->ut_user, name, sizeof(utent->ut_user)); #endif /* HAVE_STRUCT_UTMP_UT_USER */ if (NULL != hostname) { struct addrinfo *info = NULL; #ifdef HAVE_STRUCT_UTMP_UT_HOST - strncpy (utent->ut_host, hostname, sizeof (utent->ut_host) - 1); + strncpy(utent->ut_host, hostname, sizeof(utent->ut_host)); #endif /* HAVE_STRUCT_UTMP_UT_HOST */ #ifdef HAVE_STRUCT_UTMP_UT_SYSLEN utent->ut_syslen = MIN (strlen (hostname), -- 2.47.2