From 8a4c0c32f4252efb0f0adbf5cdc0261d359cd568 Mon Sep 17 00:00:00 2001 From: "kay.sievers@vrfy.org" Date: Sun, 27 Mar 2005 12:39:12 +0200 Subject: [PATCH] fix klibc's broken strlcpy/strlcat udevinfo segfaults cause klibc's strlcpy writes behind the specified size of the destination string. strlcat truncates the destination string which is also not what you expect from a concatenation function. --- udev_libc_wrapper.c | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) (limited to 'udev_libc_wrapper.c') diff --git a/udev_libc_wrapper.c b/udev_libc_wrapper.c index 16d90913cf..23cb7b4316 100644 --- a/udev_libc_wrapper.c +++ b/udev_libc_wrapper.c @@ -36,11 +36,15 @@ #define __OWN_USERDB_PARSER__ #endif +#ifdef __GLIBC__ +#define __OWN_STRLCPYCAT__ +#endif + #ifdef USE_STATIC #define __OWN_USERDB_PARSER__ #endif -#ifndef strlcpy +#ifdef __OWN_STRLCPYCAT__ size_t strlcpy(char *dst, const char *src, size_t size) { size_t bytes = 0; @@ -49,7 +53,7 @@ size_t strlcpy(char *dst, const char *src, size_t size) char ch; while ((ch = *p++)) { - if (bytes < size) + if (bytes+1 < size) *q++ = ch; bytes++; } @@ -57,9 +61,7 @@ size_t strlcpy(char *dst, const char *src, size_t size) *q = '\0'; return bytes; } -#endif -#ifndef strlcat size_t strlcat(char *dst, const char *src, size_t size) { size_t bytes = 0; @@ -71,9 +73,11 @@ size_t strlcat(char *dst, const char *src, size_t size) q++; bytes++; } + if (bytes == size) + return (bytes + strlen(src)); while ((ch = *p++)) { - if (bytes < size) + if (bytes+1 < size) *q++ = ch; bytes++; } @@ -81,7 +85,7 @@ size_t strlcat(char *dst, const char *src, size_t size) *q = '\0'; return bytes; } -#endif +#endif /* __OWN_STRLCPYCAT__ */ #ifndef __OWN_USERDB_PARSER__ #include -- cgit v1.2.3-54-g00ecf