[cppcheck] Dangerous usage of strncat in file xf86AutoConfig.c
Thomas Dickey
dickey at his.com
Sat Oct 3 05:52:34 PDT 2009
On Sat, 3 Oct 2009, Martin Ettl wrote:
> Hello friends,
>
> further analysation with the static code analysis tool cppcheck brought up another issue. The tool printed the following warning:
>
> .../xfree86/common/xf86AutoConfig.c,337,possible error,Dangerous usage of strncat. Tip: the 3rd parameter means maximum number of characters to append
>
> Take a look into the code at line 337:
> .....
> char path_name[256];
> .....
> 334 if (strncmp(&(direntry->d_name[len-4]), ".ids", 4) == 0) {
> /* We need the full path name to open the file */
> strncpy(path_name, PCI_TXT_IDS_PATH, 256);
> 337 strncat(path_name, "/", 1);
> strncat(path_name, direntry->d_name, (256 - strlen(path_name) - 1));
> .....
>
> I is possible (suppose to be the string PCI_TXT_IDS_PATH) is 256
> characters long) that the array path_name is allready filled. Then (lin
> 337) an additional character is appended --> array index might be go out
> of range.
It's possible, but cppcheck isn't that smart.
It's "only" warning that its author disapproves of strncat.
cppcheck only notes its presence in the code, makes no analysis of the
parameters. It's a _checking_ tool, by the way, not to be confused with
static analysis.
(dynamic allocation as an alternative is not necessarily an improvement)
--
Thomas E. Dickey
http://invisible-island.net
ftp://invisible-island.net
More information about the xorg-devel
mailing list