[syslinux] [PATCH 6/6] hdt: fix sizeof(char *) misuse
Gene Cumm
gene.cumm at gmail.com
Sun May 17 04:40:55 PDT 2015
On Sun, May 17, 2015 at 2:16 AM, Geert Stappers via Syslinux
<syslinux at zytor.com> wrote:
> On Sat, May 16, 2015 at 10:41:40AM -0400, Gene Cumm wrote:
>> On Mon, Feb 9, 2015 at 10:01 PM, Jonathan Boeing wrote:
>> > The code was passing sizeof(const char *) - not the length of the string
>> > or the size of the buffer - as the length to strncmp(). These two cases
>> > don't need the length, so switch to strcmp.
>>
>> Can we trust that the data will not allow strcmp() to compare more
>> data than necessary? In other words, can we trust that there will be
>> null-terminators?
>>
>> > Fixes the warning: argument to 'sizeof' in 'strncmp' call is the same
>> > expression as the second source; did you mean to provide an explicit
>> > length?
>> >
>> > @@ -211,7 +211,7 @@ cli_mode_t mode_s_to_mode_t(char *name)
>> > int i = 0;
>> >
>> > while (list_modes[i]) {
>> > - if (!strncmp(name, list_modes[i]->name, sizeof(list_modes[i]->name)))
>> > + if (!strcmp(name, list_modes[i]->name))
>> > break;
>> > i++;
>> > }
>
>
> Now repeating
> Fixes the warning: argument to 'sizeof' in 'strncmp' call is the same
> expression as the second source; did you mean to provide an explicit
> length?
I'm not disputing _if_ a change is necessary. I'm only questioning
the safety of the particular change. strncmp() can be used anytime
you're wanting to restrict the length of compare, including
uncertainty about the effective length of a string (presence of a null
terminator).
Examining the code, it appears strcmp() should be safe as the second
string should already have been initialized statically in the code.
--
-Gene
More information about the Syslinux
mailing list