From: Jennifer Herbert <Jennifer.Herbert@citrix.com>
Date: Wed, 1 Jul 2015 17:37:11 +0000 (+0000)
Subject: libxc: Fix misleading use of strncpy code in build_hvm_info()
X-Git-Tag: archive/raspbian/4.8.0-1+rpi1~1^2~2944
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=b9dbe33d15a038500bcc3226a3ca31ee215122cd;p=xen.git

libxc: Fix misleading use of strncpy code in build_hvm_info()

hvm_info->signature is not a string, but an 64 bit int, and is not
NULL terminated.  The use of strncpy to populate it is inappropriate and
potentially misleading.  A cursory glance might have you thinking someone
had miscounted the length of the string literal - not realising it was
intentionally cropping of the null termination.
Also, since we wish to initialise all of hvm_info->signature, and
certainly no more, the use of sizeof is safer.

Coverity-ID: 1198710

Signed-off-by: Jennifer Herbert <jennifer.herbert@citrix.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
---

diff --git a/tools/libxc/xc_hvm_build_x86.c b/tools/libxc/xc_hvm_build_x86.c
index 7343e87ebe..a6e9203fd8 100644
--- a/tools/libxc/xc_hvm_build_x86.c
+++ b/tools/libxc/xc_hvm_build_x86.c
@@ -99,7 +99,7 @@ static void build_hvm_info(void *hvm_info_page,
     memset(hvm_info_page, 0, PAGE_SIZE);
 
     /* Fill in the header. */
-    strncpy(hvm_info->signature, "HVM INFO", 8);
+    memcpy(hvm_info->signature, "HVM INFO", sizeof(hvm_info->signature));
     hvm_info->length = sizeof(struct hvm_info_table);
 
     /* Sensible defaults: these can be overridden by the caller. */