Use the safe strlcpy() when present

The current macro, which uses strncpy() and then forces a valid termination, triggers warnings under GCC 10. It can also cause an out-of-bounds write if size is 0. strlcpy() was added in glibc 2.38 (July 2023). Signed-off-by: Loren M. Lang <[email protected]> Signed-off-by: Aaron Conole <[email protected]>
intel · Aug 16, 2024 · 96106e8 · 96106e8
1 parent d24a1df
commit 96106e8
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 0 deletions.
diff --git a/configure.ac b/configure.ac
@@ -90,6 +90,7 @@ AC_CHECK_FUNCS([strcasecmp])
 AC_CHECK_FUNCS([strchr])
 AC_CHECK_FUNCS([strdup])
 AC_CHECK_FUNCS([strerror])
+AC_CHECK_FUNCS([strlcpy])
 AC_CHECK_FUNCS([strncasecmp])
 AC_CHECK_FUNCS([strpbrk])
 AC_CHECK_FUNCS([strrchr])

diff --git a/include/lldp.h b/include/lldp.h
@@ -52,11 +52,16 @@ typedef __u64 u64;
 	 })
 
 /* Use strncpy with N-1 and ensure the string is terminated.  */
+#ifdef HAVE_STRLCPY
+#define STRNCPY_TERMINATED(DEST, SRC, N) \
+  (void)strlcpy(DEST, SRC, N)
+#else
 #define STRNCPY_TERMINATED(DEST, SRC, N) \
   do { \
     strncpy (DEST, SRC, N - 1); \
     DEST[N - 1] = '\0'; \
   } while (false)
+#endif
 
 /*
  * Organizationally Unique Identifier (OUI)