ril.cpp: fix misuse of strncat
strncat(dest,src,size) appends size+1 bytes to the end of
dest, so sizeof(dest) must be greater than
strlen(dest) + size + 1. Passing the buffer size to strncat
instead of sizeof(dest) - strlen(dest) - 1 is a common
strncat bug. Use strlcat instead, as it has more intuitive
behavior and ensures the buffer is properly null terminated.
Addresses the following compiler warning:
In file included from system/core/include/cutils/sockets.h:22:0,
from hardware/ril/libril/ril.cpp:24:
In function 'char* strncat(char*, const char*, size_t)',
inlined from 'void android::RIL_register(const RIL_RadioFunctions*)' at hardware/ril/libril/ril.cpp:4258:62:
bionic/libc/include/string.h:199:61: warning: call to char* __builtin___strncat_chk(char*, const char*, unsigned int, unsigned int) might overflow destination buffer
return __builtin___strncat_chk(dest, src, n, __bos(dest));
^
(line numbers are from internal master and do not match AOSP)
Even with this change, this code feels weird.
MAX_DEBUG_SOCKET_NAME_LENGTH is 12, and rildebug is initialized to be
SOCKET_NAME_RIL_DEBUG ("rild-debug"), which is 11 bytes including null
terminator. The strlcat call here can append a maximum of 1 byte before
the buffer is full. I don't know if this is intended or not.
Change-Id: I49801ad1ea3aa6173bbc9fd7cf00f3d308693253
1 file changed