Fix: illegal memory access in consumer_set_subdir

Found by Coverity: CID 1243015 (#1 of 1): Buffer not null terminated (BUFFER_SIZE_WARNING)8. buffer_size_warning: Calling strncpy with a maximum size argument of 4096 bytes on destination array consumer->subdir of size 4096 bytes might leave the destination string unterminated. Signed-off-by: Mathieu Desnoyers <[email protected]> Signed-off-by: Jérémie Galarneau <[email protected]>
lttng · May 17, 2016 · 2edf492 · 2edf492
1 parent 39e3c47
commit 2edf492
Showing 1 changed file with 5 additions and 1 deletion.
diff --git a/src/bin/lttng-sessiond/consumer.c b/src/bin/lttng-sessiond/consumer.c
@@ -1089,7 +1089,11 @@ int consumer_set_subdir(struct consumer_output *consumer,
 		goto error;
 	}
 
-	strncpy(consumer->subdir, tmp_path, sizeof(consumer->subdir));
+	if (lttng_strncpy(consumer->subdir, tmp_path,
+			sizeof(consumer->subdir))) {
+		ret = -EINVAL;
+		goto error;
+	}
 	DBG2("Consumer subdir set to %s", consumer->subdir);
 
 error: