diff mbox series

sysfsutils: fix my_strncat function

Message ID 20250604081744.2068514-1-hongxu.jia@windriver.com
State Accepted, archived
Commit a5d2a5ce94b82957e2a9336c18dce9b28073cd71
Headers show
Series sysfsutils: fix my_strncat function | expand

Commit Message

Hongxu Jia June 4, 2025, 8:17 a.m. UTC 
The bug was introduced by upstream commit [1] where strncat was replaced with
internal my_strncat function, such as:

  char dest[32] = "/sys/devices/platform/axi";
  my_strncat(dest, "/", sizeof(dest) - strlen(dest) - 1);

Will result in dest string being:

  /sys/

and not the expected:

  /sys/devices/platform/axi/

The meaning of the "len" parameter in the my_strncat function is the size limit for
copying characters from "from", not the size limit for "to" after copying. Also,
the "#define safestrcat(to, from) my_strncat(to, from, sizeof(to) - strlen(to) - 1)"
has already imposed a limit on max based on the size of "to". Modify the function
to prevent truncation of content when too many bytes are passed to the my_strcat function.

[1] https://github.com/linux-ras/sysfsutils/commit/0719881cad85f837f039ecb378b823306640902a

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
---
 .../0001-Modify-my_strncat-function.patch     | 34 +++++++++++++++++++
 .../sysfsutils/sysfsutils_2.1.1.bb            |  4 ++-
 2 files changed, 37 insertions(+), 1 deletion(-)
 create mode 100644 meta/recipes-core/sysfsutils/files/0001-Modify-my_strncat-function.patch

Comments

Alexander Kanavin June 12, 2025, 10:19 a.m. UTC | #1 
On Wed, 4 Jun 2025 at 10:18, hongxu via lists.openembedded.org
<hongxu.jia=eng.windriver.com@lists.openembedded.org> wrote:
> +The meaning of the "len" parameter in the my_strncat function is the size limit for copying characters from "from", not the size limit for "to" after copying.
> +Also, the "#define safestrcat(to, from) my_strncat(to, from, sizeof(to) - strlen(to) - 1)" has already imposed a limit on max based on the size of "to".
> +Modify the function to prevent truncation of content when too many bytes are passed to the my_strcat function.
> +
> +Upstream-Status: Submitted [https://github.com/linux-ras/sysfsutils/pull/30/commits/c2326946c0c2a4206c9b079a9fe25f7f9115295c]

This project was last active in July 2021, so I'd like to ask, how are
you using it, and are there viable alternatives?

On the patch review call we were wondering if the right thing to do is
to remove sysfsutils from oe-core, as it shouldn't carry unmaintained
software.

There's a number of recipes in meta-oe that depend on it, some of them
equally outdated. That needs to be reviewed.

Alex
diff mbox series

Patch

diff --git a/meta/recipes-core/sysfsutils/files/0001-Modify-my_strncat-function.patch b/meta/recipes-core/sysfsutils/files/0001-Modify-my_strncat-function.patch
new file mode 100644
index 00000000000..a8a49a80cd3
--- /dev/null
+++ b/meta/recipes-core/sysfsutils/files/0001-Modify-my_strncat-function.patch
@@ -0,0 +1,34 @@ 
+From a13fc5a57ea7c6b1761bc204cb79d8ce4745f57a Mon Sep 17 00:00:00 2001
+From: songliang <YS.songliang@h3c.com>
+Date: Wed, 4 Jun 2025 15:58:53 +0800
+Subject: [PATCH] Modify "my_strncat" function
+
+The meaning of the "len" parameter in the my_strncat function is the size limit for copying characters from "from", not the size limit for "to" after copying.
+Also, the "#define safestrcat(to, from) my_strncat(to, from, sizeof(to) - strlen(to) - 1)" has already imposed a limit on max based on the size of "to".
+Modify the function to prevent truncation of content when too many bytes are passed to the my_strcat function.
+
+Upstream-Status: Submitted [https://github.com/linux-ras/sysfsutils/pull/30/commits/c2326946c0c2a4206c9b079a9fe25f7f9115295c]
+Signed-off-by: songliang <YS.songliang@h3c.com>
+Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
+---
+ lib/sysfs_utils.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/lib/sysfs_utils.c b/lib/sysfs_utils.c
+index 46e0849..c0176d1 100644
+--- a/lib/sysfs_utils.c
++++ b/lib/sysfs_utils.c
+@@ -375,8 +375,8 @@ char *my_strncat(char *to, const char *from, size_t max)
+ {
+ 	size_t i = 0;
+ 
+-	while (i < max && to[i] != '\0')
++	while (to[i] != '\0')
+ 		i++;
+-	my_strncpy(to+i, from, max-i);
++	my_strncpy(to+i, from, max);
+ 	return to;
+ }
+-- 
+2.34.1
+
diff --git a/meta/recipes-core/sysfsutils/sysfsutils_2.1.1.bb b/meta/recipes-core/sysfsutils/sysfsutils_2.1.1.bb
index 86cc06a2cdd..d99039b6f8d 100644
--- a/meta/recipes-core/sysfsutils/sysfsutils_2.1.1.bb
+++ b/meta/recipes-core/sysfsutils/sysfsutils_2.1.1.bb
@@ -9,7 +9,9 @@  LIC_FILES_CHKSUM = "file://COPYING;md5=dcc19fa9307a50017fca61423a7d9754 \
                     file://cmd/GPL;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
                     file://lib/LGPL;md5=4fbd65380cdd255951079008b364516c"
 
-SRC_URI = "git://github.com/linux-ras/sysfsutils.git;protocol=https;branch=master"
+SRC_URI = "git://github.com/linux-ras/sysfsutils.git;protocol=https;branch=master \
+           file://0001-Modify-my_strncat-function.patch \
+"
 
 SRCREV = "da2f1f8500c0af6663a56ce2bff07f67e60a92e0"