From nobody Thu Oct 30 16:32:09 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1500922437199264.2246829232075; Mon, 24 Jul 2017 11:53:57 -0700 (PDT) Received: from localhost ([::1]:56457 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dZiUN-0004VN-To for importer@patchew.org; Mon, 24 Jul 2017 14:53:55 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:50847) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dZi6u-0001GD-Ej for qemu-devel@nongnu.org; Mon, 24 Jul 2017 14:29:41 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dZi6t-0005r5-Ir for qemu-devel@nongnu.org; Mon, 24 Jul 2017 14:29:40 -0400 Received: from mail-qk0-x242.google.com ([2607:f8b0:400d:c09::242]:35995) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1dZi6t-0005qF-ED; Mon, 24 Jul 2017 14:29:39 -0400 Received: by mail-qk0-x242.google.com with SMTP id d136so10669133qkg.3; Mon, 24 Jul 2017 11:29:39 -0700 (PDT) Received: from yoga.offpageads.com ([138.117.48.223]) by smtp.gmail.com with ESMTPSA id t57sm9033799qtt.18.2017.07.24.11.29.36 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 24 Jul 2017 11:29:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=r4SmBG6aqSov+GTkrxTuziSft9NB2/8Kf7Nn7tgWLoA=; b=UETVGAKhedNolinXL22XREVvIGnQMxOJKDak71IWVBXyN5QzHQPpWkve5BXaKA03Zu 6ESTVWbq67TMUnBzBX/x62s/T1du63m/BLYYX8vr7eqqw1V2ZdrNsmDg3E6Y8sjW/yJE sUVVXu9ZQxH+xJcj9dt93iIUe+TNn6RdgdnGktWtHbZdL/aOU90rnJJAxIAukv2rIKXL Qr8DBjDV5H4TeNE8gCjjFWXpFoIKT83ZoU8qLYemeSiyp5WTPOWFRskjB8t05Hq43O60 03W2wiXSsPzROEaucqWcfggAzZzXl85AAFYneq3f82cEO2co/GBBm42TCSosrT589sJ0 GtXw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:from:to:cc:subject:date:message-id :in-reply-to:references:mime-version:content-transfer-encoding; bh=r4SmBG6aqSov+GTkrxTuziSft9NB2/8Kf7Nn7tgWLoA=; b=ic4T/jf1qEwfQHpoZ9d2R3Ol823oJs2MT9sVSu9aewKgbAEdkrsDAX0SaqniT9XMst ineYe6gNfkPCoiHXfGLDjNRahV6e/5jMmyUxynMVaUGQQtn32NCevdJVv+BYsgrsPefD UfpE25SizGhSWHtSb7G0CNprtIyp1WNCvLXimJSPEkCi2veedvFMS6KdCgO9+x1Oknag TgB4SuoNq64EzuAhkhIWtwagtOPZBPG0xOpJIlz9eA+uR/vLH94VMJ1uh65yAQSPaiGU e9/LDYR1IxhRdvvwjftLlwAX3VH6QgrPmyY3MNu8aw2RBNBgWQsNXl8rmC3FNVOhj4Sq MNyQ== X-Gm-Message-State: AIVw112qzgdyAxki2SJN/+uYtHzkOVXnu3VDDC46zK3qDP4TgSOtIP/M 62xfIc3QQ/WHqA== X-Received: by 10.55.158.12 with SMTP id h12mr20096792qke.258.1500920978927; Mon, 24 Jul 2017 11:29:38 -0700 (PDT) From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= To: Eric Blake , =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , Riku Voipio , Laurent Vivier Date: Mon, 24 Jul 2017 15:27:47 -0300 Message-Id: <20170724182751.18261-32-f4bug@amsat.org> X-Mailer: git-send-email 2.13.3 In-Reply-To: <20170724182751.18261-1-f4bug@amsat.org> References: <20170724182751.18261-1-f4bug@amsat.org> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2607:f8b0:400d:c09::242 Subject: [Qemu-devel] [PATCH for 2.10 31/35] syscall: replace strcpy() by g_strlcpy() X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: qemu-trivial@nongnu.org, =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , qemu-devel@nongnu.org Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZohoMail: RDKM_2 RSF_0 Z_629925259 SPT_0 linux-user/syscall.c:9860:17: warning: Call to function 'strcpy' is insecur= e as it does not provide bounding of the memory buffer. Replace unbounded c= opy functions with analogous functions that support length arguments such a= s 'strlcpy'. CWE-119 strcpy (buf->machine, cpu_to_uname_machine(cpu_env)); ^~~~~~ Reported-by: Clang Static Analyzer Signed-off-by: Philippe Mathieu-Daud=C3=A9 Reviewed-by: Laurent Vivier --- linux-user/syscall.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/linux-user/syscall.c b/linux-user/syscall.c index 963b9c8f4b..847f729834 100644 --- a/linux-user/syscall.c +++ b/linux-user/syscall.c @@ -9853,7 +9853,8 @@ abi_long do_syscall(void *cpu_env, int num, abi_long = arg1, if (!is_error(ret)) { /* Overwrite the native machine name with whatever is being emulated. */ - strcpy (buf->machine, cpu_to_uname_machine(cpu_env)); + g_strlcpy(buf->machine, cpu_to_uname_machine(cpu_env), + sizeof(buf->machine)); /* Allow the user to override the reported release. */ if (qemu_uname_release && *qemu_uname_release) { g_strlcpy(buf->release, qemu_uname_release, --=20 2.13.3