Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <20240324174702.GB32430@brightrain.aerifal.cx>
Date: Sun, 24 Mar 2024 13:47:02 -0400
From: Rich Felker <dalias@...ifal.cx>
To: Maks Mishin <maks.mishinfz@...il.com>
Cc: musl@...ts.openwall.com
Subject: Re: [PATCH] wcpcpy: Replace call of vulnerable function

On Sun, Mar 24, 2024 at 08:07:32PM +0300, Maks Mishin wrote:
> Use of vulnerable function 'wcscpy' at wcpcpy.c:5.
> This function is unsafe, use 'wcsncpy' instead.
> 
> Found by RASU JSC.
> 
> Signed-off-by: Maks Mishin <maks.mishinFZ@...il.com>
> ---
>  src/string/wcpcpy.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/src/string/wcpcpy.c b/src/string/wcpcpy.c
> index ef401343..53a29a99 100644
> --- a/src/string/wcpcpy.c
> +++ b/src/string/wcpcpy.c
> @@ -2,5 +2,5 @@
>  
>  wchar_t *wcpcpy(wchar_t *restrict d, const wchar_t *restrict s)
>  {
> -	return wcscpy(d, s) + wcslen(s);
> +	return wcsncpy(d, s, sizeof d) + wcslen(s);
>  }
> -- 
> 2.30.2

Also wrong for the exact same reasons as the sprintf one.

Rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.