diff --git a/src/libvirt-lxc.c b/src/libvirt-lxc.c index f6391214be..2a271b74f0 100644 --- a/src/libvirt-lxc.c +++ b/src/libvirt-lxc.c @@ -35,6 +35,7 @@ # include #endif #include "vircgroup.h" +#include "virstring.h" #define VIR_FROM_THIS VIR_FROM_NONE @@ -213,7 +214,7 @@ virDomainLxcEnterSecurityLabel(virSecurityModelPtr model, goto error; } - if (strlen((char *) ctx) >= VIR_SECURITY_LABEL_BUFLEN) { + if (virStrcpy(oldlabel->label, ctx, VIR_SECURITY_LABEL_BUFLEN) < 0) { virReportError(VIR_ERR_INTERNAL_ERROR, _("security label exceeds " "maximum length: %d"), @@ -221,8 +222,6 @@ virDomainLxcEnterSecurityLabel(virSecurityModelPtr model, freecon(ctx); goto error; } - - strcpy(oldlabel->label, (char *) ctx); freecon(ctx); if ((oldlabel->enforcing = security_getenforce()) < 0) { diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c index b0af3ee88e..1b784e61c7 100644 --- a/src/remote/remote_driver.c +++ b/src/remote/remote_driver.c @@ -2328,12 +2328,11 @@ remoteDomainGetSecurityLabel(virDomainPtr domain, virSecurityLabelPtr seclabel) } if (ret.label.label_val != NULL) { - if (strlen(ret.label.label_val) >= sizeof(seclabel->label)) { + if (virStrcpyStatic(seclabel->label, ret.label.label_val) < 0) { virReportError(VIR_ERR_RPC, _("security label exceeds maximum: %zu"), sizeof(seclabel->label) - 1); goto cleanup; } - strcpy(seclabel->label, ret.label.label_val); seclabel->enforcing = ret.enforcing; } @@ -2372,13 +2371,12 @@ remoteDomainGetSecurityLabelList(virDomainPtr domain, virSecurityLabelPtr* secla for (i = 0; i < ret.labels.labels_len; i++) { remote_domain_get_security_label_ret *cur = &ret.labels.labels_val[i]; if (cur->label.label_val != NULL) { - if (strlen(cur->label.label_val) >= sizeof((*seclabels)->label)) { + if (virStrcpyStatic((*seclabels)[i].label, cur->label.label_val) < 0) { virReportError(VIR_ERR_RPC, _("security label exceeds maximum: %zd"), sizeof((*seclabels)->label) - 1); VIR_FREE(*seclabels); goto cleanup; } - strcpy((*seclabels)[i].label, cur->label.label_val); (*seclabels)[i].enforcing = cur->enforcing; } } @@ -2444,21 +2442,19 @@ remoteNodeGetSecurityModel(virConnectPtr conn, virSecurityModelPtr secmodel) } if (ret.model.model_val != NULL) { - if (strlen(ret.model.model_val) >= sizeof(secmodel->model)) { + if (virStrcpyStatic(secmodel->model, ret.model.model_val) < 0) { virReportError(VIR_ERR_RPC, _("security model exceeds maximum: %zu"), sizeof(secmodel->model) - 1); goto cleanup; } - strcpy(secmodel->model, ret.model.model_val); } if (ret.doi.doi_val != NULL) { - if (strlen(ret.doi.doi_val) >= sizeof(secmodel->doi)) { + if (virStrcpyStatic(secmodel->doi, ret.doi.doi_val) < 0) { virReportError(VIR_ERR_RPC, _("security doi exceeds maximum: %zu"), sizeof(secmodel->doi) - 1); goto cleanup; } - strcpy(secmodel->doi, ret.doi.doi_val); } rv = 0; diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c index e9cd95916e..2fc6ef2616 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c @@ -1209,7 +1209,7 @@ virSecuritySELinuxGetProcessLabel(virSecurityManagerPtr mgr G_GNUC_UNUSED, return -1; } - if (strlen((char *)ctx) >= VIR_SECURITY_LABEL_BUFLEN) { + if (virStrcpy(sec->label, ctx, VIR_SECURITY_LABEL_BUFLEN) < 0) { virReportError(VIR_ERR_INTERNAL_ERROR, _("security label exceeds " "maximum length: %d"), @@ -1218,7 +1218,6 @@ virSecuritySELinuxGetProcessLabel(virSecurityManagerPtr mgr G_GNUC_UNUSED, return -1; } - strcpy(sec->label, (char *)ctx); freecon(ctx); VIR_DEBUG("label=%s", sec->label);