[PATCH libevdev 2/2] uinput: change strcpy/strcat usage for snprintf

Benjamin Tissoires benjamin.tissoires at gmail.com
Thu Jun 19 17:05:23 PDT 2014


On Thu, Jun 19, 2014 at 7:26 PM, Peter Hutterer
<peter.hutterer at who-t.net> wrote:
> Better protection against buffer overflow better, though by the time someone

I know the code is much better now, but that is still a lot of "better" :)

> is manipulating your sysfs, libevdev is unlikely to be the biggest worry.
>
> Slight change in functionality: before we checked the timestamp of
> /sys/devices/virtual/input/inputXYZ before looking at /inputXYZ/name, now we
> just check the name file for the timestamp.
>
> Signed-off-by: Peter Hutterer <peter.hutterer at who-t.net>

Looks good to me:
Reviewed-by: Benjamin Tissoires <benjamin.tissoires at gmail.com>

Cheers,
Benjamin

> ---
>  libevdev/libevdev-uinput.c | 19 ++++++++++++++-----
>  1 file changed, 14 insertions(+), 5 deletions(-)
>
> diff --git a/libevdev/libevdev-uinput.c b/libevdev/libevdev-uinput.c
> index f8607d1..e8419e6 100644
> --- a/libevdev/libevdev-uinput.c
> +++ b/libevdev/libevdev-uinput.c
> @@ -218,8 +218,12 @@ fetch_syspath_and_devnode(struct libevdev_uinput *uinput_dev)
>                 int fd, len;
>                 struct stat st;
>
> -               strcpy(buf, SYS_INPUT_DIR);
> -               strcat(buf, namelist[i]->d_name);
> +               rc = snprintf(buf, sizeof(buf), "%s%s/name",
> +                             SYS_INPUT_DIR,
> +                             namelist[i]->d_name);
> +               if (rc < 0 || (size_t)rc >= sizeof(buf)) {
> +                       continue;
> +               }
>
>                 if (stat(buf, &st) == -1)
>                         continue;
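Review bot: The truncation branch in this hunk skips the entry with a bare `continue` and no log, while the same check later in the patch reports it through `log_error()`; logging here as well would make a silently skipped entry diagnosable. Because `buf` now already ends in `/name`, the `stat(buf, &st)` that follows reads the timestamp of the name file rather than the device directory, as the commit message says, and a one-line comment above the `stat()` would keep that from looking accidental.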
> @@ -230,7 +234,6 @@ fetch_syspath_and_devnode(struct libevdev_uinput *uinput_dev)
>                         continue;
>
>                 /* created within time frame */
> -               strcat(buf, "/name");
>                 fd = open(buf, O_RDONLY);
>                 if (fd < 0)
>                         continue;
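Review bot: With the `strcat(buf, "/name")` gone, `open(buf, O_RDONLY)` now resolves the same path that `stat(buf, &st)` checked a few lines earlier, so the time-frame check and the read are two separate path lookups. Opening first and calling `fstat(fd, &st)` on the descriptor would tie the timestamp check to the file that is actually read.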
> @@ -247,8 +250,14 @@ fetch_syspath_and_devnode(struct libevdev_uinput *uinput_dev)
>                                 log_info(NULL, "multiple identical devices found. syspath is unreliable\n");
>                                 break;
>                         } else {
> -                               strcpy(buf, SYS_INPUT_DIR);
> -                               strcat(buf, namelist[i]->d_name);
> +                               rc = snprintf(buf, sizeof(buf), "%s%s",
> +                                             SYS_INPUT_DIR,
> +                                             namelist[i]->d_name);
> +                               if (rc < 0 || (size_t)rc >= sizeof(buf)) {
> +                                       log_error(NULL, "Invalid syspath, syspath is unreliable\n");
> +                                       break;
> +                               }
> +
>                                 uinput_dev->syspath = strdup(buf);
>                                 uinput_dev->devnode = fetch_device_node(buf);
>                         }
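Review bot: The `log_error()` in the new truncation branch does not say which entry failed; including `namelist[i]->d_name` in the message would make the report actionable. The `snprintf` call plus the `rc < 0 || (size_t)rc >= sizeof(buf)` check is now written out twice in this function, once with `continue` and once with `break`, and could be folded into one small helper that builds the path and returns success or failure. The unchanged `uinput_dev->syspath = strdup(buf);` line also stores the result without a NULL check.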
> --
> 1.9.3