restore: avoid an unterminated string

>>> CID 164715: (BUFFER_SIZE_WARNING) >>> Calling strncpy with a maximum size argument of 16 bytes on destination array "thread_args[i].comm" of size 16 bytes might leave the destination string unterminated. 3473 strncpy(thread_args[i].comm, core->tc->comm, TASK_COMM_LEN); Signed-off-by: Andrei Vagin <avagin@virtuozzo.com> Acked-by: Cyrill Gorcunov <gorcunov@gmail.com> Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>

restore: avoid an unterminated string
>>> CID 164715: (BUFFER_SIZE_WARNING) >>> Calling strncpy with a maximum size argument of 16 bytes on destination array "thread_args[i].comm" of size 16 bytes might leave the destination string unterminated. 3473 strncpy(thread_args[i].comm, core->tc->comm, TASK_COMM_LEN); Signed-off-by: Andrei Vagin <avagin@virtuozzo.com> Acked-by: Cyrill Gorcunov <gorcunov@gmail.com> Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
2b76b324 · Andrei Vagin · Andrei Vagin · d40c702d · 2b76b324
Commit 2b76b324 authored Aug 23, 2018 by Andrei Vagin Committed by Andrei Vagin Oct 30, 2018
Hide whitespace changes
Inline Side-by-side

Showing with 3 additions and 2 deletions

cr-restore.c criu/cr-restore.c +3 -2

No files found.
--- a/criu/cr-restore.c
+++ b/criu/cr-restore.c
@@ -3462,9 +3462,10 @@ static int sigreturn_restore(pid_t pid, struct task_restore_args *task_args, uns
 			goto err;
 		if (tcore->thread_core->comm)
-			strncpy(thread_args[i].comm, tcore->thread_core->comm, TASK_COMM_LEN);
+			strncpy(thread_args[i].comm, tcore->thread_core->comm, TASK_COMM_LEN - 1);
 		else
-			strncpy(thread_args[i].comm, core->tc->comm, TASK_COMM_LEN);
+			strncpy(thread_args[i].comm, core->tc->comm, TASK_COMM_LEN - 1);
+		thread_args[i].comm[TASK_COMM_LEN - 1] = 0;
 		if (thread_args[i].pid != pid)
 			core_entry__free_unpacked(tcore, NULL);