Date: 14 Sep 2001 11:16:26 +0200
From: Dag-Erling Smorgrav <des@ofug.org>
To: "Andrew R. Reiter" <arr@watson.org>
Cc: freebsd-audit@FreeBSD.ORG
Subject: Re: dungeon master patch
Message-ID: <xzpzo7yt9n9.fsf@flood.ping.uio.no>
In-Reply-To: <Pine.NEB.3.96L.1010914000517.11262A-200000@fledge.watson.org>
References: <Pine.NEB.3.96L.1010914000517.11262A-200000@fledge.watson.org>
"Andrew R. Reiter" <arr@watson.org> writes:
> --- dm.c.orig Thu Sep 13 22:44:25 2001
> +++ dm.c Thu Sep 13 23:02:43 2001
> @@ -111,15 +111,16 @@
> play(args)
> char **args;
> {
> - char pbuf[MAXPATHLEN];
> + char pbuf[MAXPATHLEN+1];
The "+1" is incorrect, and PATH_MAX misspelled MAXPATHLEN.
> - if (sizeof(_PATH_HIDE) + strlen(game) > sizeof(pbuf)) {
> + if (sizeof(_PATH_HIDE) + strlen(game) + 1 > sizeof(pbuf)) {
> (void)fprintf(stderr, "dm: %s/%s: %s\n", _PATH_HIDE, game,
> strerror(ENAMETOOLONG));
> exit(1);
> }
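Review bot: the "+ 1" added to the length test double-counts the terminator. Assuming _PATH_HIDE is a string-literal macro (the removed "pbuf + sizeof(_PATH_HIDE) - 1" implies it), sizeof(_PATH_HIDE) already includes the NUL, so sizeof(_PATH_HIDE) + strlen(game) is the full byte count and the original comparison against sizeof(pbuf) was exact. Combined with the pbuf[MAXPATHLEN+1] change, the two +1s cancel: the accepted name length is the same as before and the extra byte of the buffer is never used. Suggest leaving the condition as it was.
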
No +1 is needed.
> - (void)strcpy(pbuf, _PATH_HIDE);
> - (void)strcpy(pbuf + sizeof(_PATH_HIDE) - 1, game);
> + bzero((void *)&pbuf, MAXPATHLEN+1);
> + strlcpy(pbuf, _PATH_HIDE, sizeof(pbuf));
> + strlcat(pbuf+strlen(_PATH_HIDE), game, sizeof(pbuf)-strlen(_PATH_HIDE));
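Review bot: the strlcat() call passes pbuf+strlen(_PATH_HIDE) as destination with a hand-reduced size, which has to be kept in step with the offset by hand; strlcat() finds the end of the existing string itself, so strlcat(pbuf, game, sizeof(pbuf)) is the usual form. The bzero() length repeats MAXPATHLEN+1 where sizeof(pbuf) would follow the declaration, and the zeroing is redundant because strlcpy() NUL-terminates whenever the size is non-zero. Neither strlcpy() nor strlcat() has its return value checked, so protection against truncation still rests entirely on the length test earlier in play().
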
Replace bzero(), strlcpy() and strlcat() with snprintf().
> - if (sscanf(lbuf, "%s%s", f1, f2) != 2 ||
> + if (sscanf(lbuf, "%39s%39s", f1, f2) != 2 ||
> strcasecmp(f1, "badtty"))
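Review bot: the 39 in "%39s%39s" is a magic number that must stay one less than the size of f1 and f2, and their declarations are not part of this hunk. Suggest confirming both arrays are at least 40 bytes and adding a comment next to the format (or deriving the width from the array size) so a later resize does not reintroduce the overflow. With a width limit, an over-long first token is split and its tail is stored in f2, so the "!= 2" test does not reject such a line.
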
The return value from strcmp() and friends should always be explicitly
compared to 0.

Someone[tm] should write an snscanf() function that allows the length
of the line to be specified so it can be used in conjunction with
fgetln().
DES
--
Dag-Erling Smorgrav - des@ofug.org
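
The two suggestions in the message above (snprintf() in place of bzero()/strlcpy()/strlcat(), and a length-bounded scan usable with fgetln()), written out as an added example; this is not code from the patch or from FreeBSD. build_path(), next_field() and scan_two_fields() are hypothetical names, and unlike sscanf() with "%39s", an over-long field is rejected instead of being split.

```c
#include <ctype.h>
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Join dir and name in one bounded call. snprintf() returns the length it
 * wanted to write, so truncation is detected without a separate check. */
int build_path(char *buf, size_t bufsz, const char *dir, const char *name)
{
	int n = snprintf(buf, bufsz, "%s%s", dir, name);
	if (n < 0 || (size_t)n >= bufsz) {
		errno = ENAMETOOLONG;
		return -1;
	}
	return 0;
}

/* Copy the next whitespace-delimited field of line[*pos..len) into dst.
 * line needs no NUL terminator (as with fgetln()); dst gets one on success. */
static int next_field(const char *line, size_t len, size_t *pos,
    char *dst, size_t dstsz)
{
	size_t start, n;
	while (*pos < len && isspace((unsigned char)line[*pos]))
		(*pos)++;
	start = *pos;
	while (*pos < len && !isspace((unsigned char)line[*pos]))
		(*pos)++;
	n = *pos - start;
	if (n == 0 || n >= dstsz)
		return -1;	/* no field, or field too long for dst */
	memcpy(dst, line + start, n);
	dst[n] = '\0';
	return 0;
}

/* Hypothetical stand-in for sscanf(lbuf, "%39s%39s", f1, f2) on a
 * length-delimited line; returns how many fields were stored (0 to 2). */
int scan_two_fields(const char *line, size_t len, char *f1, size_t f1sz,
    char *f2, size_t f2sz)
{
	size_t pos = 0;
	if (next_field(line, len, &pos, f1, f1sz) != 0)
		return 0;
	if (next_field(line, len, &pos, f2, f2sz) != 0)
		return 1;
	return 2;
}
```

Passing sizeof(f1) and sizeof(f2) at the call site ties the field limit to the declarations, so no width constant has to be kept in sync with the array sizes.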
