Fix: illegal memory access in consumer_set_network_uri

Found by Coverity: CID 1243029 (#1 of 1): Buffer not null terminated (BUFFER_SIZE_WARNING)31. buffer_size_warning: Calling strncpy with a maximum size argument of 4096 bytes on destination array obj->subdir of size 4096 bytes might leave the destination string unterminated. Signed-off-by: Mathieu Desnoyers <[email protected]> Signed-off-by: Jérémie Galarneau <[email protected]>
lttng · May 17, 2016 · bfc6eff · bfc6eff
1 parent 6ce2287
commit bfc6eff
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/src/bin/lttng-sessiond/consumer.c b/src/bin/lttng-sessiond/consumer.c
@@ -715,7 +715,10 @@ int consumer_set_network_uri(struct consumer_output *obj,
 			goto error;
 		}
 
-		strncpy(obj->subdir, tmp_path, sizeof(obj->subdir));
+		if (lttng_strncpy(obj->subdir, tmp_path, sizeof(obj->subdir))) {
+			ret = -LTTNG_ERR_INVALID;
+			goto error;
+		}
 		DBG3("Consumer set network uri subdir path %s", tmp_path);
 	}