These three strncpy() calls copy at most sizeof(buffer)-1 bytes,
but buffer isn't explicitly 0 cleared, so 0 terminate the last byte.
Signed-off-by: Tomohiro Kusumi <kusumi.tomohiro@gmail.com>
Signed-off-by: Jens Axboe <axboe@fb.com>
/*
* must be a file, open "." in that path
*/
+ tempname[PATH_MAX - 1] = '\0';
strncpy(tempname, file_name, PATH_MAX - 1);
p = dirname(tempname);
if (stat(p, &st)) {
log_err("unknown sysfs layout\n");
return NULL;
}
+ tmp[PATH_MAX - 1] = '\0';
strncpy(tmp, p, PATH_MAX - 1);
sprintf(path, "%s", tmp);
}
dprint(FD_IO, "load ioengine %s\n", name);
+ engine[sizeof(engine) - 1] = '\0';
strncpy(engine, name, sizeof(engine) - 1);
/*