Message-ID: <Z7IjBsRZe3k4uZBs@pie.lan>
Date: Sun, 16 Feb 2025 17:40:22 +0000
From: Yao Zi <ziyao@...root.org>
To: musl@...ts.openwall.com
Cc: Anton Moryakov <ant.v.moryakov@...il.com>
Subject: Re: [PATCH] src: string: Replace unsafe wcscpy with wcsncat in wcscat()

On Sun, Feb 16, 2025 at 08:25:53PM +0300, Anton Moryakov wrote:
> Static analyzer reported:
> PROC_USE.VULNERABLE: Use of vulnerable function 'wcscpy' at wcscat.c:5. This function is unsafe, use wcsncpy instead.
>
> Corrections explained:
> Replaced the vulnerable function wcscpy with wcsncat in wcscat()
> to prevent potential buffer overflows.
>
> wcscpy(dest + wcslen(dest), src); was unsafe because it could overwrite
> memory beyond the allocated buffer.
>
> Now using:
> wcsncat(dest, src, wcslen(src));
>
> This change improves security but does not guarantee buffer overflow protection.
> To fully ensure safety, the function should also receive the destination buffer
> size as a parameter.

wcscat() itself isn't a safe function. I don't see any improvements with this patch.

Cheers,
Yao Zi

>
> Triggers found by static analyzer Svace.
>
> Signed-off-by: Anton Moryakov <ant.v.moryakov@...il.com>
>
> ---
> src/string/wcscat.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/src/string/wcscat.c b/src/string/wcscat.c > index d4f00ebd..7599a6eb 100644 > --- a/src/string/wcscat.c > +++ b/src/string/wcscat.c > @@ -2,6 +2,6 @@ > > wchar_t *wcscat(wchar_t *restrict dest, const wchar_t *restrict src) > { > - wcscpy(dest + wcslen(dest), src); > + wcsncat(dest, src, wcslen(src)); > return dest; > } > -- > 2.30.2 >
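
Review bot: The bound in the added line "wcsncat(dest, src, wcslen(src));" is taken from the source length, not from the space left in dest, so it appends the same wcslen(src) wide characters plus the terminator that the removed "wcscpy(dest + wcslen(dest), src);" wrote, and a dest that is too small overflows exactly as before. The wcslen(src) call also adds a second pass over src. The wcscat() signature in the hunk carries no destination size, so nothing inside this body can bound the write; I would drop the change and keep the wcscpy line, leaving the capacity check to callers that know the buffer size.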
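
The two bodies discussed in this message, compared side by side, as an added example that is not part of the thread or of musl: footprint() measures how many elements each one writes into a sentinel-filled buffer, and wcs_append_bounded() is a hypothetical helper showing what a destination-size parameter makes possible. All names, the buffer size CAP and the sample strings are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <wchar.h>

#define CAP 16                 /* constructed size, large enough for every call below */
#define FILL ((wchar_t)0x7f)   /* sentinel for elements that were never written */

/* Appends src to "ab" with the old body (use_patch == 0) or the patched one (1)
 * and returns how many elements of the buffer were written, terminator included. */
size_t footprint(int use_patch, const wchar_t *src)
{
    wchar_t buf[CAP];
    size_t n = CAP;
    for (size_t i = 0; i < CAP; i++) buf[i] = FILL;
    wmemcpy(buf, L"ab", 3);
    if (use_patch) wcsncat(buf, src, wcslen(src));
    else           wcscpy(buf + wcslen(buf), src);
    while (n > 0 && buf[n - 1] == FILL) n--;   /* last non-sentinel element + 1 */
    return n;
}

/* Hypothetical helper: appends only when the result and its terminator fit in
 * dest_cap elements. Returns 0 on success, -1 (dest untouched) otherwise. */
int wcs_append_bounded(wchar_t *dest, size_t dest_cap, const wchar_t *src)
{
    size_t used = 0, need = wcslen(src) + 1;
    while (used < dest_cap && dest[used] != L'\0') used++;
    if (used == dest_cap) return -1;           /* dest not terminated inside its buffer */
    if (need > dest_cap - used) return -1;     /* would not fit: refuse, do not truncate */
    wmemcpy(dest + used, src, need);
    return 0;
}

int main(void)
{
    wchar_t small[6] = L"ab";
    printf("old body wrote %zu elements, patched body wrote %zu\n",
           footprint(0, L"cdef"), footprint(1, L"cdef"));
    printf("bounded append of \"cdef\" into 6 elements: %d\n",
           wcs_append_bounded(small, 6, L"cdef"));
    printf("bounded append of \"cde\" into 6 elements: %d\n",
           wcs_append_bounded(small, 6, L"cde"));
    return 0;
}
```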