Commit 871f95c6 authored by Philippe Mathieu-Daudé's avatar Philippe Mathieu-Daudé Committed by Laurent Vivier
Browse files

syscall: replace strcpy() by g_strlcpy() 



linux-user/syscall.c:9860:17: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119
                strcpy (buf->machine, cpu_to_uname_machine(cpu_env));
                ^~~~~~

Reported-by: Clang Static Analyzer
Signed-off-by: default avatarPhilippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: default avatarLaurent Vivier <laurent@vivier.eu>
Message-Id: <20170724182751.18261-32-f4bug@amsat.org>
Signed-off-by: default avatarLaurent Vivier <laurent@vivier.eu>
parent 392fba9f

linux-user/syscall.c

+2 −1
Original line number Diff line number Diff line
@@ -10156,7 +10156,8 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1, 
            if (!is_error(ret)) {

                /* Overwrite the native machine name with whatever is being

                   emulated. */

                strcpy (buf->machine, cpu_to_uname_machine(cpu_env));

                g_strlcpy(buf->machine, cpu_to_uname_machine(cpu_env),

                          sizeof(buf->machine));

                /* Allow the user to override the reported release.  */

                if (qemu_uname_release && *qemu_uname_release) {

                    g_strlcpy(buf->release, qemu_uname_release,