Missatge de Samuel Thibault <samuel.thiba...@gnu.org> del dia dt., 14 d’ag. 2018 a les 9:34: > > - strncpy (in->dev_name, arg, DEV_NAME_LEN); > > + strncpy (in->dev_name, arg, sizeof(in->dev_name)-1); > > Mmm, but if arg is longer than the given size and doesn't contain a \0, > in->dev_name will not contain one either? >
No, b/c at most sizeof(in->dev_name)-1 bytes from arg will be copied, leaving the last byte in in->dev_name unwritten, which always will be equal to zero as it's initialized in parse_hook_add_interface(). > > strncpy (ifr->ifr_name, netif_get_state (netif)->devname, > > - strlen (netif_get_state (netif)->devname) + 1); > > + sizeof (ifr->ifr_name)-1); > > Similarly. Same here, the last byte is never written and is initialized to \0 in the previous line.
