From: Danny Al-Gaaf <danny.al-gaaf@bisect.de>
Date: Thu, 13 Mar 2014 16:21:53 +0000 (+0100)
Subject: test_filejournal.cc: use strncpy and terminate with '\0'
X-Git-Tag: v0.79~149^2~4
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=58e35a4bc2983fc513eff91e3332d67f9939e382;p=ceph.git

test_filejournal.cc: use strncpy and terminate with '\0'

CID 966632 (#1 of 1): Copy into fixed size buffer (STRING_OVERFLOW)
 2. fixed_size_dest: You might overrun the 200 byte fixed-size string
 "path" by copying "args[0UL]" without checking the length.

Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>
---

diff --git a/src/test/test_filejournal.cc b/src/test/test_filejournal.cc
index 3691fa64f4be..e50e5dce0cb9 100644
--- a/src/test/test_filejournal.cc
+++ b/src/test/test_filejournal.cc
@@ -72,7 +72,9 @@ int main(int argc, char **argv) {
   finisher = new Finisher(g_ceph_context);
   
   if (!args.empty()) {
-    strcpy(path, args[0]);
+    size_t copy_len = std::min(sizeof(path)-1, strlen(args[0]));
+    strncpy(path, args[0], copy_len);
+    path[copy_len] = '\0';
   } else {
     srand(getpid()+time(0));
     snprintf(path, sizeof(path), "/tmp/ceph_test_filejournal.tmp.%d", rand());