Date: Wed, 10 May 2017 09:40:28 -0600
From: Alan Somers <asomers@freebsd.org>
To: Warner Losh <imp@bsdimp.com>
Cc: src-committers <src-committers@freebsd.org>, "svn-src-all@freebsd.org" <svn-src-all@freebsd.org>, "svn-src-head@freebsd.org" <svn-src-head@freebsd.org>
Subject: Re: svn commit: r318141 - head/usr.bin/mkuzip
Message-ID: <CAOtMX2gmKx%2BmcoPwDjacB4Q0Bv7wDLRbxjzQ4Tq_CwN_B_KxMQ@mail.gmail.com>
In-Reply-To: <CANCZdfqPvXeKk%2Bj=TFdRqoUOObstutL81aMF_3EN6TuMvF%2BU-Q@mail.gmail.com>
References: <201705101527.v4AFRbbu005469@repo.freebsd.org> <CANCZdfqPvXeKk%2Bj=TFdRqoUOObstutL81aMF_3EN6TuMvF%2BU-Q@mail.gmail.com>
Hmm. I thought that assert(e) would get turned into e when -DNDEBUG. But looking at the header, you're right. I'll fix it soon. Good catch. -Alan On Wed, May 10, 2017 at 9:32 AM, Warner Losh <imp@bsdimp.com> wrote: > Doesn't assert get compiled out, which would cause strlcpy to never happen? > > Warner > > On Wed, May 10, 2017 at 9:27 AM, Alan Somers <asomers@freebsd.org> wrote: >> Author: asomers >> Date: Wed May 10 15:27:36 2017 >> New Revision: 318141 >> URL: https://svnweb.freebsd.org/changeset/base/318141 >> >> Log: >> strcpy => strlcpy >> >> Reported by: Coverity >> CID: 1352771 >> MFC after: 3 weeks >> Sponsored by: Spectra Logic Corp >> >> Modified: >> head/usr.bin/mkuzip/mkuzip.c >> >> Modified: head/usr.bin/mkuzip/mkuzip.c >> ============================================================================== >> --- head/usr.bin/mkuzip/mkuzip.c Wed May 10 15:20:39 2017 (r318140) >> +++ head/usr.bin/mkuzip/mkuzip.c Wed May 10 15:27:36 2017 (r318141) >> @@ -192,7 +192,8 @@ int main(int argc, char **argv) >> /* Not reached */ >> } >> >> - strcpy(hdr.magic, cfs.handler->magic); >> + assert(strlcpy(hdr.magic, cfs.handler->magic, sizeof(hdr.magic)) >> + < sizeof(hdr.magic)); >> >> if (cfs.en_dedup != 0) { >> hdr.magic[CLOOP_OFS_VERSN] = CLOOP_MAJVER_3; >>
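Review bot: The strlcpy() call sits inside the assert() argument in the two added lines, so a build with NDEBUG defined compiles out the whole expression and hdr.magic is never filled in before the hdr.magic[CLOOP_OFS_VERSN] write that follows. Move the copy out of the assertion: store the strlcpy() return value in a size_t, then check it against sizeof(hdr.magic), either with assert() on that variable or with an explicit error exit, so the copy runs in every build and truncation is still caught.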