* [musl] Re: [PATCH] lookup_name: Replace call of vulnerable function
[not found] <20240324173251.31346-1-maks.mishinFZ@gmail.com>
@ 2024-03-24 17:52 ` Rich Felker
0 siblings, 0 replies; only message in thread
From: Rich Felker @ 2024-03-24 17:52 UTC (permalink / raw)
To: Maks Mishin; +Cc: musl
On Sun, Mar 24, 2024 at 08:32:51PM +0300, Maks Mishin wrote:
> Use of vulnerable function 'strcpy' at lookup_name.c:122.
> This function is unsafe, use 'strncpy' instead.
>
> Found by RASU JSC.
>
> Signed-off-by: Maks Mishin <maks.mishinFZ@gmail.com>
> ---
> src/network/lookup_name.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/src/network/lookup_name.c b/src/network/lookup_name.c
> index 35218185..b59ec7c6 100644
> --- a/src/network/lookup_name.c
> +++ b/src/network/lookup_name.c
> @@ -119,7 +119,7 @@ static int dns_parse_callback(void *c, int rr, const void *data, int len, const
> if (rr == RR_CNAME) {
> if (__dn_expand(packet, (const unsigned char *)packet + plen,
> data, tmp, sizeof tmp) > 0 && is_valid_hostname(tmp))
> - strcpy(ctx->canon, tmp);
> + strncpy(ctx->canon, tmp, sizeof ctx->canon);
> return 0;
> }
> if (ctx->cnt >= MAXADDRS) return 0;
> --
> 2.30.2
The buffer is explicitly chosen with size such that any hostname fits,
and the is_valid_hostname predicate checks this.
This RASU JSC static analysis tool you're using seems particularly bad
at its job.
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2024-03-24 17:52 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <20240324173251.31346-1-maks.mishinFZ@gmail.com>
2024-03-24 17:52 ` [musl] Re: [PATCH] lookup_name: Replace call of vulnerable function Rich Felker
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/musl/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).