|Summary:||ASTERISK-07991: Check handling of strncpy calls|
|Reporter:||Markus Elfring (elfring)||Labels:|
|Date Opened:||2006-10-24 08:49:01||Date Closed:||2006-10-25 13:02:17|
|Description:||I have seen the comment (http://svn.digium.com/view/asterisk/trunk/utils/ael_main.c?rev=46068&view=markup) about a fix for a few calls of "http://opengroup.org/onlinepubs/009695399/functions/strncpy.html".|
I get the impression that there are more dangers by such "off by one" errors. The description for the application usage of this function contains the important sentence "If there is no null byte in the first n bytes of the array pointed to by s2, the result is not null-terminated.".
Would you like to guarantee to set the terminating null byte at the end even if the source string is longer than the remaining space in the target buffer?
|Comments:||By: Russell Bryant (russell) 2006-10-24 15:06:47|
Yes, it is possible that there are more of these. If you find any specific instances of this, feel free to open a report and they will get fixed.
In the future, if you just have a question to ask, and not a specific bug to report, or a patch to submit, please just use the asterisk-dev mailing list.
By: Markus Elfring (elfring) 2006-10-25 11:49:40
Can it be that the function "ast_copy_string" (or "strlcpy") should be used?
By: Olle Johansson (oej) 2006-10-25 12:29:17
Didn't kpfleming just fix this in svn?
By: Russell Bryant (russell) 2006-10-25 13:02:16
Please stop opening bugs to ask questions. As has been stated multiple times, please use the asterisk-dev mailing list to ask questions.