From: Danny Al-Gaaf <danny.al-gaaf@bisect.de>
Date: Thu, 2 Oct 2014 08:48:25 +0000 (+0200)
Subject: mount.ceph.c: ensure '\0' terminated string
X-Git-Tag: v0.88~83^2~11
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=46692332db10ae06dbb1be20a390c260c00e1252;p=ceph.git

mount.ceph.c: ensure '\0' terminated string

Reserve last char in array for '\0' to ensure termination
of the string.

Fix for:

CID 1128383 (#1 of 1): Buffer not null terminated (BUFFER_SIZE_WARNING)
 buffer_size_warning: Calling strncpy with a maximum size argument
 of 1000 bytes on destination array secret of size 1000 bytes might
 leave the destination string unterminated.

Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>
---

diff --git a/src/mount/mount.ceph.c b/src/mount/mount.ceph.c
index 5c8bf959c37..8a0853fdf45 100644
--- a/src/mount/mount.ceph.c
+++ b/src/mount/mount.ceph.c
@@ -175,11 +175,13 @@ static char *parse_options(const char *data, int *filesys_flags)
 			}
 
 			/* secret is only added to kernel options as
-			   backwards compatilbity, if add_key doesn't
+			   backwards compatibility, if add_key doesn't
 			   recognize our keytype; hence, it is skipped
 			   here and appended to options on add_key
 			   failure */
-			strncpy(secret, value, sizeof(secret));
+			size_t len = sizeof(secret);
+			strncpy(secret, value, len-1);
+			secret[len-1] = '\0';
 			saw_secret = secret;
 			skip = 1;
 		} else if (strncmp(data, "name", 4) == 0) {