From 30f87c86b4790761cc117b8e5f9ead4da225b20d Mon Sep 17 00:00:00 2001 From: Marc Mutz Date: Mon, 12 Jun 2023 12:01:15 +0200 Subject: [PATCH] QProcess/Unix: fix unsafe strncpy() use MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit GCC 11 complains: qprocess_unix.cpp:672:12: error: ‘char* strncpy(char*, const char*, size_t)’ specified bound 508 equals destination size [-Werror=stringop-truncation] 672 | strncpy(error.function, description, sizeof(error.function)); | ~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ And it's correct: if description is longer than sizeof(error.function), then error.function will not be NUL-terminated. While a quick check suggests that the user of the field performs a qstrnlen(), thus avoiding falling off the unterminated end of error.function, it's safer to always NUL-terminate. A single added qDebug() << error.function would already be UB. Fix by using _q_strncpy(), which is also more efficient, as it doesn't write 0.5KiB of NULs in the likely case that description is short. Amends 90bc0ad41f9937f9cba801b3166635f6f55e0678. Change-Id: If5c2cb80fc4a3c92b8e78b680a635045bb14a30d Reviewed-by: Thiago Macieira --- src/corelib/io/qprocess_unix.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/corelib/io/qprocess_unix.cpp b/src/corelib/io/qprocess_unix.cpp index 6bf1b9b1a03..abfdfc8c828 100644 --- a/src/corelib/io/qprocess_unix.cpp +++ b/src/corelib/io/qprocess_unix.cpp @@ -669,7 +669,7 @@ failChildProcess(const QProcessPrivate *d, const char *description, int code) no { ChildError error = {}; error.code = code; - strncpy(error.function, description, sizeof(error.function)); + qstrncpy(error.function, description, sizeof(error.function)); qt_safe_write(d->childStartedPipe[1], &error, sizeof(error)); _exit(-1); }