diff options
author | Kane York <kanepyork@gmail.com> | 2020-07-23T20·02-0700 |
---|---|---|
committer | kanepyork <rikingcoding@gmail.com> | 2020-07-23T22·00+0000 |
commit | 9a85694b8616f2e10f19440f4db9017d44dfae18 (patch) | |
tree | b915674b395abd2bfe617e0a4e50c5944dc540a1 /third_party | |
parent | ec46a594dff3453c1091b01d4904f1ab1947d60d (diff) |
fix(3p/nix): remove usage of strcpy r/1437
Change-Id: I86125609f433469a8722c780fd758234211d677e Reviewed-on: https://cl.tvl.fyi/c/depot/+/1381 Tested-by: BuildkiteCI Reviewed-by: Alyssa Ross <hi@alyssa.is> Reviewed-by: glittershark <grfn@gws.fyi>
Diffstat (limited to 'third_party')
-rw-r--r-- | third_party/nix/.clang-tidy | 2 | ||||
-rw-r--r-- | third_party/nix/src/libstore/build.cc | 2 | ||||
-rw-r--r-- | third_party/nix/src/libstore/remote-store.cc | 7 | ||||
-rw-r--r-- | third_party/nix/src/nix-daemon/nix-daemon.cc | 8 |
4 files changed, 10 insertions, 9 deletions
diff --git a/third_party/nix/.clang-tidy b/third_party/nix/.clang-tidy index 4e0e8b6e0e2b..bccfa148cf33 100644 --- a/third_party/nix/.clang-tidy +++ b/third_party/nix/.clang-tidy @@ -1,3 +1,3 @@ --- -WarningsAsErrors: 'abseil-*' +WarningsAsErrors: 'abseil-*,clang-analyzer-security.insecureAPI.strcpy' ... diff --git a/third_party/nix/src/libstore/build.cc b/third_party/nix/src/libstore/build.cc index dcc3c7edc7af..da35388d855a 100644 --- a/third_party/nix/src/libstore/build.cc +++ b/third_party/nix/src/libstore/build.cc @@ -2833,7 +2833,7 @@ void DerivationGoal::runChild() { } struct ifreq ifr; - strcpy(ifr.ifr_name, "lo"); + strncpy(ifr.ifr_name, "lo", sizeof("lo")); ifr.ifr_flags = IFF_UP | IFF_LOOPBACK | IFF_RUNNING; if (ioctl(fd.get(), SIOCSIFFLAGS, &ifr) == -1) { throw SysError("cannot set loopback interface flags"); diff --git a/third_party/nix/src/libstore/remote-store.cc b/third_party/nix/src/libstore/remote-store.cc index 7c4f3a138fc0..33a6ec310ac1 100644 --- a/third_party/nix/src/libstore/remote-store.cc +++ b/third_party/nix/src/libstore/remote-store.cc @@ -99,12 +99,13 @@ ref<RemoteStore::Connection> UDSRemoteStore::openConnection() { struct sockaddr_un addr; addr.sun_family = AF_UNIX; - if (socketPath.size() + 1 >= sizeof(addr.sun_path)) { + strncpy(addr.sun_path, socketPath.c_str(), sizeof(addr.sun_path)); + if (addr.sun_path[sizeof(addr.sun_path) - 1] != '\0') { throw Error(format("socket path '%1%' is too long") % socketPath); } - strcpy(addr.sun_path, socketPath.c_str()); - if (::connect(conn->fd.get(), (struct sockaddr*)&addr, sizeof(addr)) == -1) { + if (::connect(conn->fd.get(), reinterpret_cast<struct sockaddr*>(&addr), + sizeof(addr)) == -1) { throw SysError(format("cannot connect to daemon at '%1%'") % socketPath); } diff --git a/third_party/nix/src/nix-daemon/nix-daemon.cc b/third_party/nix/src/nix-daemon/nix-daemon.cc index dc5295821f84..1f49788ae573 100644 --- a/third_party/nix/src/nix-daemon/nix-daemon.cc +++ b/third_party/nix/src/nix-daemon/nix-daemon.cc @@ -970,10 +970,10 @@ static void daemonLoop(char** argv) { struct sockaddr_un addr; addr.sun_family = AF_UNIX; - if (socketPathRel.size() >= sizeof(addr.sun_path)) { + strncpy(addr.sun_path, socketPathRel.c_str(), sizeof(addr.sun_path)); + if (addr.sun_path[sizeof(addr.sun_path) - 1] != '\0') { throw Error(format("socket path '%1%' is too long") % socketPathRel); } - strcpy(addr.sun_path, socketPathRel.c_str()); unlink(socketPath.c_str()); @@ -1125,10 +1125,10 @@ static int _main(int argc, char** argv) { auto socketName = baseNameOf(socketPath); auto addr = sockaddr_un{}; addr.sun_family = AF_UNIX; - if (socketName.size() + 1 >= sizeof(addr.sun_path)) { + strncpy(addr.sun_path, socketName.c_str(), sizeof(addr.sun_path)); + if (addr.sun_path[sizeof(addr.sun_path) - 1] != '\0') { throw Error(format("socket name %1% is too long") % socketName); } - strcpy(addr.sun_path, socketName.c_str()); if (connect(s, (struct sockaddr*)&addr, sizeof(addr)) == -1) { throw SysError(format("cannot connect to daemon at %1%") % |