From: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Date: Tue, 17 May 2016 01:42:52 +0000 (-0400)
Subject: Fix: illegal memory access in write_pidfile
X-Git-Tag: v2.7.3~56
X-Git-Url: https://git.liburcu.org/?a=commitdiff_plain;ds=sidebyside;h=c5c1b9e6b2fe95333fb0975b8fdcd657458141ed;p=lttng-tools.git

Fix: illegal memory access in write_pidfile

Found by Coverity:
CID 1243023 (#1 of 1): Buffer not null terminated
(BUFFER_SIZE_WARNING)3. buffer_size_warning: Calling strncpy with a
maximum size argument of 4096 bytes on destination array pidfile_path of
size 4096 bytes might leave the destination string unterminated.

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>
---

diff --git a/src/bin/lttng-sessiond/main.c b/src/bin/lttng-sessiond/main.c
index 9c2fe4a3e..92899873b 100644
--- a/src/bin/lttng-sessiond/main.c
+++ b/src/bin/lttng-sessiond/main.c
@@ -5348,7 +5348,10 @@ static int write_pidfile(void)
 	assert(rundir);
 
 	if (opt_pidfile) {
-		strncpy(pidfile_path, opt_pidfile, sizeof(pidfile_path));
+		if (lttng_strncpy(pidfile_path, opt_pidfile, sizeof(pidfile_path))) {
+			ret = -1;
+			goto error;
+		}
 	} else {
 		/* Build pidfile path from rundir and opt_pidfile. */
 		ret = snprintf(pidfile_path, sizeof(pidfile_path), "%s/"