Date: Thu, 24 Apr 2014 11:33:23 GMT From: Henning Petersen <henning.petersen@t-online.de> To: freebsd-gnats-submit@FreeBSD.org Subject: bin/188951: Undefined behavior at line 135 in part_wizard.c (snprintf). Message-ID: <201404241133.s3OBXNv5004511@cgiserv.freebsd.org> Resent-Message-ID: <201404241140.s3OBe0Po029769@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 188951
>Category: bin
>Synopsis: Undefined behavior at line 135 in part_wizard.c (snprintf).
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Thu Apr 24 11:40:00 UTC 2014
>Closed-Date:
>Last-Modified:
>Originator: Henning Petersen
>Release: FreeBSD-current
>Organization:
>Environment:
>Description:
Undefined behavior in snprintf found by cppcheck.
>How-To-Repeat:
>Fix:
Patch attached with submission follows:
--- usr.sbin/bsdinstall/partedit/part_wizard.c (revision 264867)
+++ usr.sbin/bsdinstall/partedit/part_wizard.c (working copy)
@@ -130,9 +130,13 @@
else
strcat(diskdesc, " Disk");
- if (desc != NULL)
- snprintf(diskdesc, sizeof(diskdesc),
- "%s <%s>", diskdesc, desc);
+ if (desc != NULL) {
+ size_t len;
+ len = strlen(diskdesc);
+ snprintf(diskdesc + len,
+ sizeof(diskdesc) - len,
+ " <%s>", desc);
+ }
disks[n-1].text = strdup(diskdesc);
disks[n-1].help = NULL;
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201404241133.s3OBXNv5004511>