From fc8389331e7482f084c488924b29b79f69ac3bd3 Mon Sep 17 00:00:00 2001 From: Alejandro Colomar Date: Fri, 24 Nov 2023 23:56:17 +0100 Subject: [PATCH] lib/string/: Fortify source of strtcpy(), stpecpy(), and zustr2stp() By writing the terminating null byte via stpcpy(3), we take advantage of _FORTIFY_SOURCE for the last byte, which was unprotected before this commit. Reported-by: Serge Hallyn Signed-off-by: Alejandro Colomar --- lib/string/stpecpy.h | 6 +----- lib/string/strtcpy.h | 4 +--- lib/string/zustr2stp.h | 7 +------ 3 files changed, 3 insertions(+), 14 deletions(-) diff --git a/lib/string/stpecpy.h b/lib/string/stpecpy.h index c4a60680f..640d19c2e 100644 --- a/lib/string/stpecpy.h +++ b/lib/string/stpecpy.h @@ -66,7 +66,6 @@ inline char * stpecpy(char *dst, char *end, const char *restrict src) { bool trunc; - char *p; size_t dsize, dlen, slen; if (dst == end) @@ -79,10 +78,7 @@ stpecpy(char *dst, char *end, const char *restrict src) trunc = (slen == dsize); dlen = slen - trunc; - p = mempcpy(dst, src, dlen); - *p = '\0'; - - return p + trunc; + return stpcpy(mempcpy(dst, src, dlen), "") + trunc; } diff --git a/lib/string/strtcpy.h b/lib/string/strtcpy.h index 25255493a..4e6534476 100644 --- a/lib/string/strtcpy.h +++ b/lib/string/strtcpy.h @@ -55,7 +55,6 @@ inline ssize_t strtcpy(char *restrict dst, const char *restrict src, size_t dsize) { bool trunc; - char *p; size_t dlen, slen; if (dsize == 0) @@ -65,8 +64,7 @@ strtcpy(char *restrict dst, const char *restrict src, size_t dsize) trunc = (slen == dsize); dlen = slen - trunc; - p = mempcpy(dst, src, dlen); - *p = '\0'; + stpcpy(mempcpy(dst, src, dlen), ""); return trunc ? -1 : slen; } diff --git a/lib/string/zustr2stp.h b/lib/string/zustr2stp.h index 436f47bcb..5ed424950 100644 --- a/lib/string/zustr2stp.h +++ b/lib/string/zustr2stp.h @@ -72,12 +72,7 @@ inline char *zustr2stp(char *restrict dst, const char *restrict src, size_t sz); inline char * zustr2stp(char *restrict dst, const char *restrict src, size_t sz) { - char *p; - - p = mempcpy(dst, src, strnlen(src, sz)); - *p = '\0'; - - return p; + return stpcpy(mempcpy(dst, src, strnlen(src, sz)), ""); } -- 2.47.2