From nobody Wed Feb 11 05:14:53 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as
 permitted sender) client-ip=208.118.235.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted
 sender)  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by
 mx.zohomail.com
	with SMTPS id 1528125932156174.70250366145171;
 Mon, 4 Jun 2018 08:25:32 -0700 (PDT)
Received: from localhost ([::1]:40357 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <qemu-devel-bounces+importer=patchew.org@nongnu.org>)
	id 1fPrMR-0006Y1-9Q
	for importer@patchew.org; Mon, 04 Jun 2018 11:25:31 -0400
Received: from eggs.gnu.org ([2001:4830:134:3::10]:38998)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <laurent@vivier.eu>) id 1fPrHp-0002AD-Qs
	for qemu-devel@nongnu.org; Mon, 04 Jun 2018 11:20:49 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <laurent@vivier.eu>) id 1fPrHo-0005yc-OA
	for qemu-devel@nongnu.org; Mon, 04 Jun 2018 11:20:45 -0400
Received: from mout.kundenserver.de ([212.227.126.134]:48495)
	by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <laurent@vivier.eu>) id 1fPrHo-0005xh-Dl
	for qemu-devel@nongnu.org; Mon, 04 Jun 2018 11:20:44 -0400
Received: from localhost.localdomain ([78.238.229.36]) by
	mrelayeu.kundenserver.de (mreue007 [212.227.15.167]) with ESMTPSA
	(Nemesis)
	id 0MPvMs-1fLzf22dxy-0052rd; Mon, 04 Jun 2018 17:20:30 +0200
From: Laurent Vivier <laurent@vivier.eu>
To: qemu-devel@nongnu.org
Date: Mon,  4 Jun 2018 17:19:59 +0200
Message-Id: <20180604152015.13359-2-laurent@vivier.eu>
X-Mailer: git-send-email 2.14.3
In-Reply-To: <20180604152015.13359-1-laurent@vivier.eu>
References: <20180604152015.13359-1-laurent@vivier.eu>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-Provags-ID: V03:K1:Ffhcx4cdEOU53BxjWkNclSsjalmFBLLH41k76H9XrS1vhW4RbSw
	dPG+n1lI6s8VLQeciVyazjEbLv1/RInbXTvZucuCaZOUNDJqoYBwQTPpj5i+Cfrt+SBzTwp
	zHyt+c6Yg2jfzDNGFmGGf7GAZSGJ/JPUwEx7BYAUpkUxCAzWcTkYahy23pvgZQXETrXCkF2
	lyL12gnDBCYIaKJHslJdQ==
X-UI-Out-Filterresults: notjunk:1;V01:K0:Ozvu5uNr6so=:Vk2I5yCFXXVDOeRf0CAW2U
	afRLt23Illtx7RL8VUqdBuSFz6Bj3VbiqrMP7ItLGvlL9pTdfNWuO4+tisDVee1hc+DSt8RqA
	0lJmDxfdnwxg6j0JHahJZMJzJMw3sXgZuy0rcDfhv5eI8UmHfQD91xiCgVpelYQH/TPFcQwcY
	k/OEa9ehSTvJoXSogcXAGYyKR41Abppa4hcbIr/faVQkB4M3T58yfKuCn61al/XkwK+2IAGai
	XlmvLkuLW8GG1YfST+wN8JIiVgVZUuMQdlUrOn0md+/RTRLeQGSsagVa2nrxmINIfa8rDoigL
	hB0GsPdFoVpUznpPAwjJqzNiZOGiGWk2X6zDHNk1wIdx2a7uj7+7f3WJZ8Or6WHOGzb90ExHW
	4Ddd3flPjOdZ4Z4UaSGQKTnFbO28jKsESAfo85F90uQe0EoRX9eRhGcYEGF6bsBafviVg20w/
	4ybVC/QZt8b5EqkarIX1O4SPIShOkdIravCAigA+iKLp6hEUU2FssoujO/jmOiu5JFYWEwIw4
	ugT9OTYBrgi9LN0fJmZT2oDLyFh1excIojoJeODw1Bqx0BN3CM9HHPUHNvUScObXeH0eM7Dwj
	WuL9f8RjiyygdfzAwwDkftSCZCS9ndtbFpzzx0nih7dfy4nEkdEkfu4aVEY+D5JlgwNUk4wTe
	LLAdqsnhfobLNodKRxgLSuFyv+D1bJcMyr0s0NrKr/4r4Mc9skYdKNc2RVK3MQpw3vTEibNla
	pLw01zLR8E59Ugsy
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
	[fuzzy]
X-Received-From: 212.227.126.134
Subject: [Qemu-devel] [PULL 01/17] syscall: replace strcpy() by g_strlcpy()
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel/>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Cc: Riku Voipio <riku.voipio@iki.fi>,
	Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>,
	Laurent Vivier <laurent@vivier.eu>, Artyom Tarasenko <atar4qemu@gmail.com>,
	=?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <f4bug@amsat.org>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: "Qemu-devel" <qemu-devel-bounces+importer=patchew.org@nongnu.org>
X-ZohoMail: RSF_0  Z_629925259 SPT_0

From: Philippe Mathieu-Daud=C3=A9 <f4bug@amsat.org>

linux-user/syscall.c:9860:17: warning: Call to function 'strcpy' is insecur=
e as it does not provide bounding of the memory buffer. Replace unbounded c=
opy functions with analogous functions that support length arguments such a=
s 'strlcpy'. CWE-119
                strcpy (buf->machine, cpu_to_uname_machine(cpu_env));
                ^~~~~~

Reported-by: Clang Static Analyzer
Signed-off-by: Philippe Mathieu-Daud=C3=A9 <f4bug@amsat.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20170724182751.18261-32-f4bug@amsat.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
---
 linux-user/syscall.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index d02c16bbc6..7b9ac3b408 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -10156,7 +10156,8 @@ abi_long do_syscall(void *cpu_env, int num, abi_lon=
g arg1,
             if (!is_error(ret)) {
                 /* Overwrite the native machine name with whatever is being
                    emulated. */
-                strcpy (buf->machine, cpu_to_uname_machine(cpu_env));
+                g_strlcpy(buf->machine, cpu_to_uname_machine(cpu_env),
+                          sizeof(buf->machine));
                 /* Allow the user to override the reported release.  */
                 if (qemu_uname_release && *qemu_uname_release) {
                     g_strlcpy(buf->release, qemu_uname_release,
--=20
2.14.3