/* we have a binary name */
if (top_arg.is_exec_hooked) {
- strcpy(top->bin_file, top_arg.bin_file);
+ strncpy(top->bin_file, top_arg.bin_file,256);
+ top->bin_file[255] = 0;
top->is_exec_hooked = 1;
DEBUG("top->bin_file is %s\n", top->bin_file);
}
env->num_strings = env_arg.num_strings;
- strcpy(env->bin_name, env_arg.bin_name);
+ strncpy(env->bin_name, env_arg.bin_name, MAX_STRING_LEN);
+ env->bin_name[MAX_STRING_LEN-1] = 0;
DEBUG("Binary hooked on: %s\n", env->bin_name);
//DEBUG("Palacios: Allocating space for %u env var string ptrs...\n", env->num_strings);
}
memset(tmp_str, 0, strlen(path) + 1);
+ // will terminate tmp_str
strncpy(tmp_str, path, strlen(path));
dirname_ptr = tmp_str;
return NULL;
}
- pfile->path = palacios_alloc(strlen(path));
+ pfile->path = palacios_alloc(strlen(path) + 1);
if (!pfile->path) {
ERROR("Cannot allocate in file open\n");
palacios_free(pfile);
return NULL;
}
- strncpy(pfile->path, path, strlen(path));
+ strncpy(pfile->path, path, strlen(path)); // will terminate pfile->path
pfile->guest = guest;
palacios_spinlock_init(&(pfile->lock));
memset(dev,0,sizeof(struct palacios_host_device_user));
strncpy(dev->url,url,MAX_URL);
+ dev->url[MAX_URL-1] = 0;
dev->guestdev = gdev;
strncpy(host_dev->name, hw_dev_arg.name, 128);
+ host_dev->name[127] = 0;
host_dev->v3_dev.host_data = host_dev;
return 0;
}
- strcpy(mykey,url+4);
+ strcpy(mykey,url+4); // will fit
mks = (struct mem_keyed_stream *) palacios_alloc(sizeof(struct mem_keyed_stream));
return 0;
}
- strcpy(mykey,key);
+ strcpy(mykey,key); // will fit
m = create_mem_stream();
return;
}
- strcpy(mykey,key);
+ strcpy(mykey,key); // will fit
m = create_mem_stream_internal(size);
return 0;
}
- strcpy(fks->path,url+5);
+ strcpy(fks->path,url+5); // will fit
fks->stype=STREAM_FILE;
ERROR("cannot allocate file keyed stream for key %s\n",key);
return 0;
}
+ // this sequence will fit and terminate with a zero
strcpy(path,fks->path);
strcat(path,"/");
strcat(path,key);
s->op->type = PALACIOS_KSTREAM_OPEN_KEY;
s->op->buf_len = len;
- strncpy(s->op->buf,key,len);
+ strncpy(s->op->buf,key,len); // will terminate buffer
// enter with it locked
if (do_request_to_response(s,&flags)) {
}
strncpy(govname, policy->governor->name, MAX_GOV_NAME_LEN);
+ govname[MAX_GOV_NAME_LEN-1] = 0;
get_cpu_var(core_state).linux_governor = govname;
put_cpu_var(core_state);
stream->guest = guest;
stream->connected = 0;
- strncpy(stream->name, name, STREAM_NAME_LEN - 1);
+ strncpy(stream->name, name, STREAM_NAME_LEN);
+ stream->name[STREAM_NAME_LEN-1] = 0;
init_waitqueue_head(&(stream->user_poll_queue));
palacios_spinlock_init(&(stream->lock));
goto out_err2;
}
- strncpy(guest->name, user_image.name, 127);
+ strncpy(guest->name, user_image.name, 128);
+ guest->name[127] = 0;
INIT_LIST_HEAD(&(guest->exts));
memset(state, 0, sizeof(struct generic_internal));
strncpy(state->name,dev_id,MAX_NAME);
+ state->name[MAX_NAME-1] = 0;
if (!forward) {
state->forward_type=GENERIC_PHYSICAL;
state->pci_bus = pci;
strncpy(state->name, dev_id, 32);
+ state->name[31] = 0;
dev = v3_add_device(vm, dev_id, &dev_ops, state);
state->pci_bus = pci;
strncpy(state->name, dev_id, 32);
+ state->name[31] = 0;
dev = v3_add_device(vm, dev_id, &dev_ops, state);
}
if (model_str != NULL) {
- strncpy(drive->model, model_str, sizeof(drive->model) - 1);
+ strncpy(drive->model, model_str, sizeof(drive->model));
+ drive->model[sizeof(drive->model)-1] = 0;
}
if (strcasecmp(type_str, "cdrom") == 0) {
PrintDebug(vm, VCORE_NONE, "Registering Net disk at %s:%s disk=%s\n", ip_str, port_str, disk_tag);
strncpy(disk->disk_name, disk_tag, sizeof(disk->disk_name));
+ disk->disk_name[sizeof(disk->disk_name)-1] = 0;
disk->ip_addr = v3_inet_addr(ip_str);
disk->port = atoi(port_str);
disk->vm = vm;
pci_dev->fn_num = fn_num;
strncpy(pci_dev->name, name, sizeof(pci_dev->name));
+ pci_dev->name[sizeof(pci_dev->name)-1] = 0;
pci_dev->vm = pci->vm;
pci_dev->priv_data = priv_data;
state->pci_bus = bus;
strncpy(state->name, dev_id, 32);
+ state->name[31] = 0;
if (!(dev = v3_add_device(vm, dev_id, &dev_ops, state))) {
PrintError(vm, VCORE_NONE, "pci_front (%s): unable to add device\n",state->name);
state->pci_bus = pci;
strncpy(state->name, dev_id, 32);
+ state->name[31] = 0 ;
dev = v3_add_device(vm, dev_id, &dev_ops, state);
memset(state, 0, sizeof(struct v3_inspector_state));
strncpy(state->state_tree.name, "vm->name", 50);
+ state->state_tree.name[49] = 0;
state->state_tree.subtree = 1;
*priv_data = state;
var_dump.argv[i] = tmpstr;
/* copy the string */
+ // this is guaranteed to alwys null terminate tmpstr
strncpy(tmpstr, (char*)argvn, strlen((char*)argvn) + 1);
+
i++;
cursor += 4;
bytes += strlen((char*)argvn) + 1;
return -1;
}
+ // will always null-terminate tmpstr
strncpy(tmpstr, argstrs[i], strlen(argstrs[j]) + 1);
var_dump.argv[i] = tmpstr;
bytes += strlen(argstrs[j]) + 1;
var_dump.envp[i] = tmpstr;
/* deepcopy the string */
+ // will always null-terminate tmpstr
strncpy(tmpstr, (char*)envpn, strlen((char*)envpn) + 1);
i++;
cursor += 4;
PrintError(core->vm_info, core, "Cannot allocate temp string\n");
return -1;
}
-
+ // will always null-terminate tmpstr
strncpy(tmpstr, envstrs[j], strlen(envstrs[j]) + 1);
var_dump.envp[i] = tmpstr;
bytes += strlen(envstrs[j]) + 1;
var_dump.argv[i] = tmpstr;
/* copy the string */
+ // will always null-terminate tmpstr
strncpy(tmpstr, (char*)argvn, strlen((char*)argvn) + 1);
i++;
cursor += 8;
return -1;
}
+ // will always null-terminate tmpstr
strncpy(tmpstr, argstrs[j], strlen(argstrs[j]) + 1);
var_dump.argv[i] = tmpstr;
bytes += strlen(argstrs[j]) + 1;
var_dump.envp[i] = tmpstr;
/* deepcopy the string */
+ // will always null-terminate tmpstr
strncpy(tmpstr, (char*)envpn, strlen((char*)envpn) + 1);
i++;
cursor += 8;
PrintError(core->vm_info, core, "Cannot allocate temp string\n");
return -1;
}
-
+ // will always null-terminate tmpstr
strncpy(tmpstr, envstrs[i], strlen(envstrs[j]) + 1);
var_dump.envp[i] = tmpstr;
bytes += strlen(envstrs[j]) + 1;
}
memset(vm->name, 0, 128);
- strncpy(vm->name, name, 127);
+ strncpy(vm->name, name, 128);
+ vm->name[127] = 0;
+
if(v3_cpu_mapper_register_vm(vm) == -1) {
V3_Print(VM_NONE, VCORE_NONE, "File index=%d id=%s\n", idx, id);
strncpy(file->tag, id, V3_MAX_TAG_LEN);
+ file->tag[V3_MAX_TAG_LEN-1] = 0 ;
if (version==0) {
struct file_hdr_v0 * hdr = &(files_v0->hdrs[idx]);
list_for_each_entry(dev, &(mgr->dev_list), dev_link) {
if (dev->ops->save) {
strncpy(name_table + tbl_offset, dev->name, V3_MAX_DEVICE_NAME);
+ *(name_table + tbl_offset + V3_MAX_DEVICE_NAME - 1) = 0;
tbl_offset += V3_MAX_DEVICE_NAME;
num_saved_devs++;
} else {
INIT_LIST_HEAD(&(dev->res_hooks));
strncpy(dev->name, name, 32);
+ dev->name[31] = 0;
dev->ops = ops;
dev->private_data = private_data;
memset(node, 0, sizeof(struct v3_mtree));
strncpy(node->name, name, V3_MTREE_NAME_LEN);
+ node->name[V3_MTREE_NAME_LEN-1] = 0;
if ((ret = __insert_mtree_node(root, node))) {
PrintError(VM_NONE, VCORE_NONE, "Insertion failure\n");
}
strncpy(new_symbol->name, sym_name, 256);
+ new_symbol->name[255] = 0;
new_symbol->linkage = tmp_symbol->value;
list_add(&(new_symbol->sym_node), &(symmod_state->v3_sym_list));