Date: Mon, 2 Dec 2002 14:46:42 +0200 From: Peter Pentchev <roam@ringlet.net> To: Thomas Quinot <thomas@FreeBSD.ORG> Cc: hackers@FreeBSD.org, audit@FreeBSD.org Subject: Re: [CFR] diskpart(1) buffer overflow fix Message-ID: <20021202124641.GH372@straylight.oblivion.bg> In-Reply-To: <20021202123752.GA62114@melusine.cuivre.fr.eu.org> References: <20021202115809.GD372@straylight.oblivion.bg> <20021202122150.GE372@straylight.oblivion.bg> <20021202123752.GA62114@melusine.cuivre.fr.eu.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--fLj60tP2PZ34xyqD Content-Type: multipart/mixed; boundary="QxN5xOWGsmh5a4wb" Content-Disposition: inline --QxN5xOWGsmh5a4wb Content-Type: text/plain; charset=windows-1251 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Dec 02, 2002 at 01:37:52PM +0100, Thomas Quinot wrote: > Le 2002-12-02, Peter Pentchev ?crivait : >=20 > > > Attached are two patches: a trivial one which just fixes up two probl= ems > > > in diskpart's argument parsing, and a more complex one, which does it > > > "the right way" IMHO, using getopt(3). >=20 > The getopt-based version sounds better to me. >=20 > > + case 'd': > > + dflag++; > > + if (pflag) > > + usage(); > > + break; > > + =09 > > + case 'p': > > + if (dflag) > > + usage(); > > + pflag++; > > + break; >=20 > I'd remove both tests and replace them with a single > if (pflag && dflag) usage() > after all arguments have been processed. Ahhh; of course this would be better. Updated patch attached. G'luck, Peter --=20 Peter Pentchev roam@ringlet.net roam@FreeBSD.org PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553 If there were no counterfactuals, this sentence would not have been paradox= ical. --QxN5xOWGsmh5a4wb Content-Type: text/plain; charset=windows-1251 Content-Disposition: attachment; filename="usr.sbin-diskpart.patch" Content-Transfer-Encoding: quoted-printable Index: src/usr.sbin/diskpart/diskpart.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/ncvs/src/usr.sbin/diskpart/Attic/diskpart.c,v retrieving revision 1.11.2.1 diff -u -r1.11.2.1 diskpart.c --- src/usr.sbin/diskpart/diskpart.c 7 Jan 2002 06:00:23 -0000 1.11.2.1 +++ src/usr.sbin/diskpart/diskpart.c 2 Dec 2002 12:45:27 -0000 @@ -55,6 +55,7 @@ #include <ctype.h> #include <err.h> #include <stdio.h> +#include <unistd.h> =20 #define for_now /* show all of `c' partition for disklabel */ #define NPARTITIONS 8 @@ -126,22 +127,29 @@ int threshhold, numcyls[NPARTITIONS], startcyl[NPARTITIONS]; int totsize =3D 0; char *lp, *tyname; + int ch; =20 - argc--, argv++; + while ((ch =3D getopt(argc, argv, "dps:")) !=3D EOF) + switch (ch) { + case 'd': + dflag++; + break; + =09 + case 'p': + pflag++; + break; + + case 's': + totsize =3D atoi(optarg); + break; + } + argc -=3D optind; + argv +=3D optind; + + if (dflag && pflag) + usage(); if (argc < 1) usage(); - if (argc > 0 && strcmp(*argv, "-p") =3D=3D 0) { - pflag++; - argc--, argv++; - } - if (argc > 0 && strcmp(*argv, "-d") =3D=3D 0) { - dflag++; - argc--, argv++; - } - if (argc > 1 && strcmp(*argv, "-s") =3D=3D 0) { - totsize =3D atoi(argv[1]); - argc +=3D 2, argv +=3D 2; - } dp =3D getdiskbyname(*argv); if (dp =3D=3D NULL) { if (isatty(0)) --QxN5xOWGsmh5a4wb-- --fLj60tP2PZ34xyqD Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE961Yx7Ri2jRYZRVMRAlB6AJsGIHbaIiOpb/+1kkCszSGzKsJjeQCfZvFa HT9yhe6vNIDvwpvqgPYmsSk= =M70Q -----END PGP SIGNATURE----- --fLj60tP2PZ34xyqD-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021202124641.GH372>