From: Ben Gras
Date: Wed, 13 Jul 2005 14:46:11 +0000 (+0000)
Subject: Fixed a bug in kstrncpy() that caused mayhem whenever the buffer to be
X-Git-Tag: v3.1.0~621
X-Git-Url: http://zhaoyanbai.com/repos/doc/tz-art.htm?a=commitdiff_plain;h=f96645a4ebfab17f3fed519489c163acaadea552;p=minix.git

Fixed a bug in kstrncpy() that caused mayhem whenever the buffer to be copied into was the same size as the source string - it will keep on filling with zeroes forever. This was a signed/unsigned bug, fixed by making the kstrncpy argument ssize_t instead of size_t. This bug was triggered by Chris Young , by dazzling coincedence - changing OS_VERSION into something with one more character (exactly the same size as the buffer in the kinfo struct). Also noticed that the kstrncpy() call didn't null-terminate the strings if necessary, also fixed.
---
diff --git a/kernel/klibc.c b/kernel/klibc.c
index 7d8bb8167..e960b8534 100644
--- a/kernel/klibc.c
+++ b/kernel/klibc.c
@@ -214,7 +214,7 @@ PUBLIC int kstrncmp(register const char *s1, register const char *s2, register s
 /*=========================================================================*
 * kstrncpy *
 *=========================================================================*/
-PUBLIC char *kstrncpy(char *ret, register const char *s2, register size_t n)
+PUBLIC char *kstrncpy(char *ret, register const char *s2, register ssize_t n)
 {
 register char *s1 = ret;
 while((n-- > 0) && (*s1++ = *s2++)) /* copy up to n chars */
diff --git a/kernel/proto.h b/kernel/proto.h
index 3ad557672..b26a21a0e 100755
--- a/kernel/proto.h
+++ b/kernel/proto.h
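Review bot: In kernel/klibc.c, declaring `n` as `ssize_t` means any count above the signed maximum arrives negative, so the `while((n-- > 0) && ...` loop copies nothing and the destination keeps whatever it held, with no error reported. The length type also now differs from kstrncmp(), which still takes `size_t` in kernel/proto.h, and every `sizeof` argument is converted implicitly at the call site. Keeping `size_t` and testing before the decrement avoids the wrap without changing the interface, e.g. `while (n > 0 && (n--, (*s1++ = *s2++)))`. The rest of kstrncpy's body is outside the hunk, so the padding loop the commit message describes should be checked against whichever form is chosen.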
@@ -24,7 +24,7 @@ _PROTOTYPE( size_t kstrlen, (const char *s));
 _PROTOTYPE( int kstrncmp,
 (register const char *s1, register const char *s2, register size_t n));
 _PROTOTYPE( char *kstrncpy,
- (char *s1, register const char *s2, register const size_t n));
+ (char *s1, register const char *s2, register const ssize_t n));
 #define karg(arg) (karg_t) (arg)
 _PROTOTYPE( void kprintf, (const char *fmt, karg_t arg) );
diff --git a/kernel/start.c b/kernel/start.c
index 7ef1c131c..bf82c6f92 100755
--- a/kernel/start.c
+++ b/kernel/start.c
@@ -55,8 +55,10 @@ U16_t parmoff, parmsize; /* boot parameters offset and length */
 /* Record miscellaneous information for user-space servers. */
 kinfo.nr_procs = NR_PROCS;
 kinfo.nr_tasks = NR_TASKS;
- kstrncpy(kinfo.release, OS_RELEASE, 4);
- kstrncpy(kinfo.version, OS_VERSION, 4);
+ kstrncpy(kinfo.release, OS_RELEASE, sizeof(kinfo.release));
+ kinfo.release[sizeof(kinfo.release)-1] = '\0';
+ kstrncpy(kinfo.version, OS_VERSION, sizeof(kinfo.version));
+ kinfo.version[sizeof(kinfo.version)-1] = '\0';
 kinfo.proc_addr = (vir_bytes) proc;
 kinfo.kmem_base = vir2phys(0);
 kinfo.kmem_size = (phys_bytes) &end;
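Review bot: In kernel/start.c the forced terminator on `kinfo.release` and `kinfo.version` truncates silently. The commit message says the new OS_VERSION is the same size as the buffer; if that counts characters without the NUL, its last character is now overwritten by `'\0'` and user-space servers read a shortened version string. Assuming OS_RELEASE and OS_VERSION are string-literal macros (their definitions are not visible here), a compile-time size check next to the kinfo declaration would turn an oversized string into a build error, e.g. `typedef char version_fits[sizeof(OS_VERSION) <= sizeof(kinfo.version) ? 1 : -1];`. A short comment above the two pairs, such as `/* kstrncpy() leaves no NUL when the source fills the buffer; terminate explicitly. */`, would record why the extra stores exist. The enclosing function starts and ends outside the hunk.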