[parted-devel] [PATCH] mac: copy partition type and name correctly

[Sergei Antonov]

Use strncpy() instead of strcpy() to copy partition name and type.
This prevents possible buffer overflow, because the source string
occupies up to 33 bytes with a terminating null.

Static analysis tools complain about the code as it is now:
  Function: _generate_raw_part
  Destination buffer too small
  string_overflow: You might overrun the 32 byte destination string
  part_map_entry->type by writing 33 bytes from mac_part_data->system_name
  (Destination buffer too small, line 933)

Cc: Sabas Rosales, Blanca E <blanca.e.sabas.rosales at intel.com>
Signed-off-by: Sergei Antonov <saproj at gmail.com>
---
 libparted/labels/mac.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/libparted/labels/mac.c b/libparted/labels/mac.c
index 1034418..d8da941 100644
--- a/libparted/labels/mac.c
+++ b/libparted/labels/mac.c
@@ -930,8 +930,8 @@ _generate_raw_part (PedDisk* disk, PedPartition* part,
 		= PED_CPU_TO_BE32 (mac_disk_data->last_part_entry_num);
 	part_map_entry->start_block = PED_CPU_TO_BE32 (part->geom.start);
 	part_map_entry->block_count = PED_CPU_TO_BE32 (part->geom.length);
-	strcpy (part_map_entry->name, mac_part_data->volume_name);
-	strcpy (part_map_entry->type, mac_part_data->system_name);
+	strncpy (part_map_entry->name, mac_part_data->volume_name, 32);
+	strncpy (part_map_entry->type, mac_part_data->system_name, 32);
 
 	if (mac_part_data->is_driver) {
 		mac_part_data->boot_region_length = part->geom.length;
-- 
2.3.0