genl: reject invalid group names in genl_family_add_grp()

The compiler warns about string truncation:

  In function ‘genl_family_add_grp’,
      inlined from ‘family_clone’ at lib/genl/family.c:81:9,
      inlined from ‘family_clone’ at lib/genl/family.c:66:12:
  lib/genl/family.c:376:2: error: ‘strncpy’ output may be truncated copying 15 bytes from a string of length 15 [-Werror=stringop-truncation]
    376 |  strncpy(grp->name, name, GENL_NAMSIZ - 1);
        |  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Obvioulsy, it's a bug to use an invalid group name. But better
handle it by checking for a suitable string length.

Also use _nl_strncpy() which asserts that no truncation occurs.

diff --git a/lib/genl/family.c b/lib/genl/family.c
index c98e5e1cfb8583609d81bb76eb58c172c225bcf6..eeb1fefd3f61a953a01db8689ec4a81c06bb4067 100644 (file)
--- a/lib/genl/family.c
+++ b/lib/genl/family.c
@@ -24,6 +24,8 @@
 #include <netlink/genl/family.h>
 #include <netlink/utils.h>
 
+#include "netlink-private/utils.h"
+
 /** @cond SKIP */
 #define FAMILY_ATTR_ID         0x01
 #define FAMILY_ATTR_NAME       0x02
@@ -364,16 +366,20 @@ int genl_family_add_op(struct genl_family *family, int id, int flags)
 }
 
 int genl_family_add_grp(struct genl_family *family, uint32_t id,
-                       const char *name)
+                        const char *name)
 {
-       struct genl_family_grp *grp;  
+       struct genl_family_grp *grp;
+
+       if (   !name
+           || strlen (name) >= GENL_NAMSIZ)
+               return -NLE_INVAL;
 
        grp = calloc(1, sizeof(*grp));
        if (grp == NULL)
                return -NLE_NOMEM;
 
        grp->id = id;
-       strncpy(grp->name, name, GENL_NAMSIZ - 1);
+       _nl_strncpy(grp->name, name, GENL_NAMSIZ);
 
        nl_list_add_tail(&grp->list, &family->gf_mc_grps);