Date: Fri, 18 Dec 2015 15:01:38 -0700 From: Warner Losh <imp@bsdimp.com> To: "Pedro F. Giffuni" <pfg@FreeBSD.org> Cc: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r292454 - head/bin/ed Message-ID: <44E9BE06-1883-4AF8-816D-D699CF733EEB@bsdimp.com> In-Reply-To: <201512182158.tBILwhRB040583@repo.freebsd.org> References: <201512182158.tBILwhRB040583@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--Apple-Mail=_2ABCFC0F-4C08-4801-BFE5-1B8B17CD29D9 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 Isn=E2=80=99t strlcpy() the more appropriate interface? strncpy = doesn=E2=80=99t guarantee NUL termination. Warner > On Dec 18, 2015, at 2:58 PM, Pedro F. Giffuni <pfg@FreeBSD.org> wrote: >=20 > Author: pfg > Date: Fri Dec 18 21:58:42 2015 > New Revision: 292454 > URL: https://svnweb.freebsd.org/changeset/base/292454 >=20 > Log: > ed(1): Prevent possible string overflows >=20 > CID: 1007252 > MFC after: 2 weeks >=20 > Modified: > head/bin/ed/main.c >=20 > Modified: head/bin/ed/main.c > = =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D > --- head/bin/ed/main.c Fri Dec 18 21:34:28 2015 = (r292453) > +++ head/bin/ed/main.c Fri Dec 18 21:58:42 2015 = (r292454) > @@ -505,7 +505,8 @@ exec_command(void) > return ERR; > else if (open_sbuf() < 0) > return FATAL; > - if (*fnp && *fnp !=3D '!') strcpy(old_filename, fnp); > + if (*fnp && *fnp !=3D '!') > + strncpy(old_filename, fnp, PATH_MAX); > #ifdef BACKWARDS > if (*fnp =3D=3D '\0' && *old_filename =3D=3D '\0') { > errmsg =3D "no current filename"; > @@ -532,7 +533,8 @@ exec_command(void) > return ERR; > } > GET_COMMAND_SUFFIX(); > - if (*fnp) strcpy(old_filename, fnp); > + if (*fnp) > + strncpy(old_filename, fnp, PATH_MAX); > printf("%s\n", strip_escapes(old_filename)); > break; > case 'g': > @@ -663,7 +665,7 @@ exec_command(void) > GET_COMMAND_SUFFIX(); > if (!isglobal) clear_undo_stack(); > if (*old_filename =3D=3D '\0' && *fnp !=3D '!') > - strcpy(old_filename, fnp); > + strncpy(old_filename, fnp, PATH_MAX); > #ifdef BACKWARDS > if (*fnp =3D=3D '\0' && *old_filename =3D=3D '\0') { > errmsg =3D "no current filename"; > @@ -797,7 +799,7 @@ exec_command(void) > return ERR; > GET_COMMAND_SUFFIX(); > if (*old_filename =3D=3D '\0' && *fnp !=3D '!') > - strcpy(old_filename, fnp); > + strncpy(old_filename, fnp, PATH_MAX); > #ifdef BACKWARDS > if (*fnp =3D=3D '\0' && *old_filename =3D=3D '\0') { > errmsg =3D "no current filename"; >=20 --Apple-Mail=_2ABCFC0F-4C08-4801-BFE5-1B8B17CD29D9 Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP using GPGMail -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJWdIJCAAoJEGwc0Sh9sBEAApIQAMhqBCqdCLu17RXWsvLLsXZF u5AWMtSUoJBPkJmQrBf8Pl6CX+U4Qudy3atCj9N0yEAiLEwE3U9JBwqhMP3Tedsz +LDHx5uSqYLo9DSHMUeVze6gBn6eOEeLV2/s+5aUQGcWV1X32XT7XT6Zv5KsyX22 6JvJZmmJVWbspIf3EWb1eX92z4qnZxPFYN38OzhNT+69BbIt506sRXi0a/Q/lnYP tZoP+8EQ78ZLcEECcZZFOFOOKEf57vty0afRmlesjc809cwa8UgbD4XK6yhgDEjR BZMJ9sCKK9XbvDW3RRLdrg42v2nGilyoeCrc84+47hzK0hlY1bikcYcMLP8l/HoM 9W6h0YAaLNort46ANaLoXlP3MFpSf1D0lLv+YKWXNbjucXqKToVU82tL1lKvkT4Y 1kSZDP5yXuBHSTMhMAJjDJIt7mbcBJsph5U+AO0aMxAgMhZaYdN6Y3xE+rg0sj66 AFoQpINJ0RYJv1PqWzDvKQEuaLbETgzZVnyXyXSMxLFRwxoRaMT93NelWScNPLUl XVuZ++1vjLKKVrIdAoJlgkeY23O3ngHTfKrazJjTOky9LSgHjVinvfkZu2O0HmzZ JzB5eLgZMtAbgQXjbhTi5j77La/4yYwQpaBMhv+gL7wllvTzs191AwqQlcHTaxr2 /M5xNHuiUxR+1txV5eTC =U0cR -----END PGP SIGNATURE----- --Apple-Mail=_2ABCFC0F-4C08-4801-BFE5-1B8B17CD29D9--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44E9BE06-1883-4AF8-816D-D699CF733EEB>