The length of the strncpy should be one less than the destination to
ensure that there is space for the last NULL byte in case the source
is longer than the destination.
Change-Id: Iea65fa6327c8242bd8ddf4bf9a5a2b5164996495
Signed-off-by: Siddhesh Poyarekar <siddhesh.poyarekar@gmail.com>
Reviewed-on: https://gem5-review.googlesource.com/8561
Reviewed-by: Gabe Black <gabeblack@google.com>
Reviewed-by: Andreas Sandberg <andreas.sandberg@arm.com>
Maintainer: Andreas Sandberg <andreas.sandberg@arm.com>
struct ifreq ifr;
memset(&ifr, 0, sizeof(ifr));
ifr.ifr_flags = IFF_TAP | IFF_NO_PI;
- strncpy(ifr.ifr_name, p->tap_device_name.c_str(), IFNAMSIZ);
+ strncpy(ifr.ifr_name, p->tap_device_name.c_str(), IFNAMSIZ - 1);
if (ioctl(fd, TUNSETIFF, (void *)&ifr) < 0)
panic("Failed to access tap device %s.\n", ifr.ifr_name);
fatal_if(sizeof(socket_address.sun_path) <= socket_path.length(),
"Incorrect length of socket path");
strncpy(socket_address.sun_path, socket_path.c_str(),
- sizeof(socket_address.sun_path));
+ sizeof(socket_address.sun_path) - 1);
if (bind(socket_id, (struct sockaddr*) &socket_address,
sizeof(struct sockaddr_un)) == -1){
perror("Socket binding");