Date: Wed, 31 Jan 2001 14:30:09 -0500 (EST) From: Mike Heffner <mheffner@vt.edu> To: "Jacques A. Vidrine" <n@nectar.com> Cc: FreeBSD-audit <FreeBSD-audit@freebsd.org> Subject: RE: [UPDATED] Re: patch for libc/net/hesiod.c Message-ID: <XFMail.20010131143009.mheffner@vt.edu> In-Reply-To: <20010131081659.C4720@hamlet.nectar.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 31-Jan-2001 Jacques A. Vidrine wrote:
| This is the patch I think should be applied. Comments?
|
Yes, this looks better and protects against truncation. I hadn't noticed the
pre-existing length checks before the strcat()'s. I'll forward your patch to
the address you mentioned in case they can use it.
| Thanks, Mike, for checking this stuff out!
No problem, thanks for reviewing! :)
|
| diff -u -r1.3 hesiod.c
| --- hesiod.c 2000/09/30 17:29:54 1.3
| +++ hesiod.c 2001/01/31 14:16:06
| @@ -162,7 +162,10 @@
| const char *rhs;
| int len;
|
| - strcpy(bindname, name);
| + if (strlcpy(bindname, name, sizeof(bindname)) >= sizeof(bindname)) {
| + errno = EMSGSIZE;
| + return NULL;
| + }
|
| /*
| * Find the right right hand side to use, possibly
|
| Cheers,
| --
| Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org
--
Mike Heffner <mheffner@vt.edu>
Blacksburg, VA ICQ# 882073
http://filebox.vt.edu/users/mheffner
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?XFMail.20010131143009.mheffner>