tools/coccinelle/strncpy_truncation.cocci


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41

/// Use strlcpy rather than strncpy(dest,..,sz) + dest[sz-1] = '\0'
///
// Confidence: High
// Comments:
// Options: --no-includes --include-headers

virtual patch
virtual context
virtual report
virtual org

@r@
expression dest, src, sz;
position p;
@@

strncpy@p(dest, src, sz);
dest[sz - 1] = '\0';

@script:python depends on org@
p << r.p;
@@

cocci.print_main("strncpy followed by truncation can be strlcpy",p)

@script:python depends on report@
p << r.p;
@@

msg = "SUGGESTION: strncpy followed by truncation can be strlcpy"
coccilib.report.print_report(p[0],msg)

@ok depends on patch@
expression r.dest, r.src, r.sz;
position r.p;
@@

-strncpy@p(
+strlcpy(
  dest, src, sz);
-dest[sz - 1] = '\0';