Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

strlcpy: Check for maxlen underflow #432

Merged
merged 2 commits into from
Jan 13, 2021
Merged

strlcpy: Check for maxlen underflow #432

merged 2 commits into from
Jan 13, 2021

Conversation

chrissie-c
Copy link
Contributor

@chrissie-c
Copy link
Contributor Author

Yes, that does seem to be a more sensible behaviour.(every bug in libqb seems to lead to two more :)

@wferi
Copy link
Contributor

wferi commented Jan 7, 2021

Seems correct to me now. At the risk of breaking it again: do you still need the additional len2cpy check? Wouldn't an unconditional memcpy(dest, src, len2cpy) do? (Optionally with the len2cpy definition moved inside the conditional branch.)
Or just use libbsd on Linux. :)

@chrissie-c
Copy link
Contributor Author

It's tempting to use libbsd, certainly! But one of the aims of libqb is to be as dependency-free as possible.

@chrissie-c chrissie-c merged commit 5097155 into ClusterLabs:master Jan 13, 2021
@chrissie-c chrissie-c deleted the strlcpy-check-underflow branch January 13, 2021 14:12
bmwiedemann pushed a commit to bmwiedemann/openSUSE that referenced this pull request Oct 11, 2021
@bmwiedemann
Update libqb to version 2.0.3+20210303.404adbc / rev 30 via SR 924180
55fa6a9 
https://build.opensuse.org/request/show/924180
by user yan_gao + dimstar_suse
- Update to version 2.0.3+20210303.404adbc (v2.0.3):
- syslog: Add a message-id parameter for messages (gh#ClusterLabs/libqb#433)
- timers: Add some locking (gh#ClusterLabs/libqb#436)
- ipcc: Have a few goes at tidying up after a dead server (gh#ClusterLabs/libqb#434)
- strlcpy: Check for maxlen underflow (gh#ClusterLabs/libqb#432)
- doxygen2man: fix printing of lines starting with '.' (gh#ClusterLabs/libqb#431)
- doxygen2man: ignore all-whitespace brief descriptions (gh#ClusterLabs/libqb#430) (forwarded request 924179 from yan_gao)
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@chrissie-c @wferi