[parted-devel] [PATCH 84/88] Fix the length of several strncpy calls

[Brian C. Lane]

These need to be 1 less than the allocated size of the buffer, strncpy
will fill shorter strings with zeros, but there needs to be room for at
least one 0x00 at the end if the string is the same length as the buffer
and has no terminating 0x00.

Related: rhbz#1602652
---
 libparted/arch/linux.c | 12 ++++++++----
 libparted/labels/mac.c |  9 ++++++---
 2 files changed, 14 insertions(+), 7 deletions(-)

diff --git a/libparted/arch/linux.c b/libparted/arch/linux.c
index 1c26b8c..dd4820d 100644
--- a/libparted/arch/linux.c
+++ b/libparted/arch/linux.c
@@ -2571,9 +2571,12 @@ _blkpg_add_partition (PedDisk* disk, const PedPartition *part)
                 linux_part.length = part->geom.length * disk->dev->sector_size;
         }
         linux_part.pno = part->num;
-        strncpy (linux_part.devname, dev_name, BLKPG_DEVNAMELTH);
-        if (vol_name)
-                strncpy (linux_part.volname, vol_name, BLKPG_VOLNAMELTH);
+        strncpy (linux_part.devname, dev_name, BLKPG_DEVNAMELTH-1);
+        linux_part.devname[BLKPG_DEVNAMELTH-1] = '\0';
+        if (vol_name) {
+                strncpy (linux_part.volname, vol_name, BLKPG_VOLNAMELTH-1);
+                linux_part.volname[BLKPG_VOLNAMELTH-1] = '\0';
+        }
 
         free (dev_name);
 
@@ -2629,7 +2632,8 @@ static int _blkpg_resize_partition (PedDisk* disk, const PedPartition *part)
         else
                 linux_part.length = part->geom.length * disk->dev->sector_size;
         linux_part.pno = part->num;
-        strncpy (linux_part.devname, dev_name, BLKPG_DEVNAMELTH);
+        strncpy (linux_part.devname, dev_name, BLKPG_DEVNAMELTH-1);
+        linux_part.devname[BLKPG_DEVNAMELTH-1] = '\0';
 
         free (dev_name);
 
diff --git a/libparted/labels/mac.c b/libparted/labels/mac.c
index fa4e43f..4942c82 100644
--- a/libparted/labels/mac.c
+++ b/libparted/labels/mac.c
@@ -930,8 +930,10 @@ _generate_raw_part (PedDisk* disk, PedPartition* part,
 		= PED_CPU_TO_BE32 (mac_disk_data->last_part_entry_num);
 	part_map_entry->start_block = PED_CPU_TO_BE32 (part->geom.start);
 	part_map_entry->block_count = PED_CPU_TO_BE32 (part->geom.length);
-	strncpy (part_map_entry->name, mac_part_data->volume_name, 32);
-	strncpy (part_map_entry->type, mac_part_data->system_name, 32);
+	strncpy (part_map_entry->name, mac_part_data->volume_name, 31);
+	part_map_entry->name[31] = '\0';
+	strncpy (part_map_entry->type, mac_part_data->system_name, 31);
+	part_map_entry->type[31] = '\0';
 
 	if (mac_part_data->is_driver) {
 		if (mac_part_data->has_driver)
@@ -954,7 +956,8 @@ _generate_raw_part (PedDisk* disk, PedPartition* part,
 	part_map_entry->boot_cksum =
 		PED_CPU_TO_BE32 (mac_part_data->boot_checksum);
 
-	strncpy (part_map_entry->processor, mac_part_data->processor_name, 16);
+	strncpy (part_map_entry->processor, mac_part_data->processor_name, 15);
+	part_map_entry->processor[15] = '\0';
 
 	if (!_pad_raw_part (disk, part->num, part_map))
 		goto error;
-- 
2.17.1