From owner-cvs-all Wed May 8 22:23:38 2002 Delivered-To: cvs-all@freebsd.org Received: from mailman.zeta.org.au (mailman.zeta.org.au [203.26.10.16]) by hub.freebsd.org (Postfix) with ESMTP id E2C2E37B410; Wed, 8 May 2002 22:23:33 -0700 (PDT) Received: from bde.zeta.org.au (bde.zeta.org.au [203.2.228.102]) by mailman.zeta.org.au (8.9.3/8.8.7) with ESMTP id PAA28269; Thu, 9 May 2002 15:23:17 +1000 Date: Thu, 9 May 2002 15:25:11 +1000 (EST) From: Bruce Evans X-X-Sender: bde@gamplex.bde.org To: "Andrey A. Chernov" Cc: cvs-committers@FreeBSD.org, Subject: Re: cvs commit: src/sbin/sysctl sysctl.c In-Reply-To: <20020509040953.GA894@nagual.pp.ru> Message-ID: <20020509151407.D3794-100000@gamplex.bde.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Thu, 9 May 2002, Andrey A. Chernov wrote: > On Thu, May 09, 2002 at 13:50:37 +1000, Bruce Evans wrote: > > On Wed, 8 May 2002, Andrey A. Chernov wrote: > > > > > ache 2002/05/08 16:49:20 PDT > > > > > > Modified files: > > > sbin/sysctl sysctl.c > > > Log: > > > Don't forget to null-terminate string we got from sysctl (f.e. in 'A' format). > > > Stack garbadge may be printed otherwise. > > > > > > Revision Changes Path > > > 1.45 +1 -1 src/sbin/sysctl/sysctl.c > > > > This overruns the buffer in the (unlikely) even that sysctl(3) returned a > > full buffer. > > Do you saw j += j there? Buffer is doubled (unless I misunderstand this > thing). Yes; that is why I wrote that the even[t] is unlikely. We double the buffer size in case the name expands underneath us. If the name actually expands by a full factor of 2, we overrun the buffer. Bruce To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message