Re: [PATCH v1] tools: fix usage of strncpy

[Jason Andryuk <jandryuk@xxxxxxxxx>]

On Mon, Jun 8, 2020 at 7:03 AM Ian Jackson <ian.jackson@xxxxxxxxxx> wrote:
>
> Olaf Hering writes ("Re: [PATCH v1] tools: fix usage of strncpy"):
> > Am Mon,  8 Jun 2020 09:28:54 +0200
> > schrieb Olaf Hering <olaf@xxxxxxxxx>:
> > > off-by-one error in libxl__prepare_sockaddr_un
> >
> > There is none, I had read the code backwards...
>
> I have just had the same thoughts but in the opposite order.  That is
> at first I thought this was not a problem, but now I think there is.
>
> There are some kernel interfaces where a fixed-size buffer is
> provided, and the kernel will tolerate a null-terminated string, but
> will in any case not read beyond the end of the buffer.  Anything
> involving IFNAMSIZ comes to mind.
>
> But I think sun_path is not one of those.  The manpage I have here
> says that to be portable you must null-terminate sun_path.  I know
> that there are some implementations where it is possible to pass a
> longer path, effectively treating sun_path as a trailing vla.
>
> Looking at your diff, its effect seems to be to ensure
> null-termination by truncating overlong paths.
>
> I think the right approach is to return an error, not to silently
> truncate.

I added a length check in this patch:

https://lore.kernel.org/xen-devel/20200525024955.225415-2-jandryuk@xxxxxxxxx/

Regards,
Jason