On Thu, Jun 27, 2024 at 01:45:33AM +0200, Stefano Brivio wrote:Spotted by Coverity just recently. Not that it really matters as MAXDNSRCH always appears to be defined as 1025, while a full domain name can have up to 253 characters: it would be a bit pointless to have a longer search domain. Signed-off-by: Stefano Brivio <sbrivio(a)redhat.com>Hm. So, IIRC strncpy() won't \0 terminate in the case where it truncates. I guess we'll get away with that here since we expect c->dns_search to be filled with \0 before hand. That's... more fragile than ideal, though.--- conf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/conf.c b/conf.c index e1f5422..9e47e9a 100644 --- a/conf.c +++ b/conf.c @@ -453,7 +453,7 @@ static void get_dns(struct ctx *c) while (s - c->dns_search < ARRAY_SIZE(c->dns_search) - 1 /* cppcheck-suppress strtokCalled */ && (p = strtok(NULL, " \t"))) { - strncpy(s->n, p, sizeof(c->dns_search[0])); + strncpy(s->n, p, sizeof(c->dns_search[0]) - 1); s++; *s->n = 0; }-- David Gibson (he or they) | I'll have my music baroque, and my code david AT gibson.dropbear.id.au | minimalist, thank you, not the other way | around. http://www.ozlabs.org/~dgibson