[libvirt] [PATCH 02/10] security: Use virStrcpy to move the label
Peter Krempa
pkrempa at redhat.com
Thu Jan 17 21:44:12 UTC 2013
On 01/17/13 20:17, John Ferlan wrote:
> ---
> src/security/security_dac.c | 8 +++++++-
> 1 file changed, 7 insertions(+), 1 deletion(-)
>
> diff --git a/src/security/security_dac.c b/src/security/security_dac.c
> index deff024..7ef7eb9 100644
> --- a/src/security/security_dac.c
> +++ b/src/security/security_dac.c
> @@ -995,7 +995,13 @@ virSecurityDACGetProcessLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
> return -1;
>
> if (secdef->label)
> - strcpy(seclabel->label, secdef->label);
> + if (!virStrcpy(seclabel->label, secdef->label,
> + VIR_SECURITY_LABEL_BUFLEN)) {
I'd rather go for a ignore_value here. AFAIK it's impossible to overflow
the allocated buffer here.
> + virReportError(VIR_ERR_INTERNAL_ERROR,
> + _("security label exceeds max %d bytes"),
> + VIR_SECURITY_LABEL_BUFLEN-1);
> + return -1;
> + }
>
> return 0;
> }
>
Peter
More information about the libvir-list
mailing list