#24 Check if buf is NULL-terminated
Closed 2 years ago Opened 2 years ago by jhrozek.

We read the whole text file, so we know the buffer will be null-terminated, but we might as well check so that we don't have coverity warnings like this one.

Error: STRING_NULL (CWE-170): [#def30]
libuser-0.62/lib/util.c:563: string_null_argument: Function "read" does not terminate string "*buf". [Note: The source code implementation of the function has been overridden by a builtin model.]
libuser-0.62/lib/util.c:572: string_null: Passing unterminated string "buf" to "strstr", which expects a null-terminated string.
#  570|         /* found it on the first line */
#  571|         line = buf;
#  572|->   } else if ((line = strstr(buf, pattern)) != NULL) {
#  573|         /* found it somewhere in the middle */
#  574|         line++;

and:

Error: STRING_NULL (CWE-170): [#def32]
libuser-0.62/lib/util.c:563: string_null_argument: Function "read" does not terminate string "*buf". [Note: The source code implementation of the function has been overridden by a builtin model.]
libuser-0.62/lib/util.c:571: var_assign_var: Assigning: "line" = "buf". Both now point to the same unterminated string.
libuser-0.62/lib/util.c:588: var_assign_var: Assigning: "p" = "line". Both now point to the same unterminated string.
libuser-0.62/lib/util.c:633: string_null: Passing unterminated string "buf" to "strlen", which expects a null-terminated string.
#  631|         goto err_pattern;
#  632|     }
#  633|->   len = strlen(buf);
#  634|     if (write(fd, buf, len) != len) {
#  635|         lu_error_new(error, lu_error_write, NULL);

buf = g_malloc0(st.st_size + 1 + strlen(value) + field);

already ensures NUL-termination. (I’ll leave it up to you to explain it to Coverity :) )

Metadata Update from @jhrozek:
- Issue status updated to: Closed (was: Open)

2 years ago

*shrug* The termination is non-obvious, and zeroing the memory is a bit wasteful. There could well be a better way.

Login to comment on this ticket.

Metadata