Date: Thu, 16 Aug 2018 18:37:48 +0000 (UTC) From: Kyle Evans <kevans@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r337921 - head/lib/libbe Message-ID: <201808161837.w7GIbmLi044921@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: kevans Date: Thu Aug 16 18:37:47 2018 New Revision: 337921 URL: https://svnweb.freebsd.org/changeset/base/337921 Log: libbe(3): Prefer safer versions of strcat/strcpy Or, in the activate case, just use snprintf since that's effectively what we're doing anyways. Modified: head/lib/libbe/be.c head/lib/libbe/be_access.c head/lib/libbe/libbe.3 Modified: head/lib/libbe/be.c ============================================================================== --- head/lib/libbe/be.c Thu Aug 16 18:35:39 2018 (r337920) +++ head/lib/libbe/be.c Thu Aug 16 18:37:47 2018 (r337921) @@ -91,7 +91,6 @@ libbe_init(void) lbh = NULL; poolname = pos = NULL; - pnamelen = 0; rootds = NULL; /* Verify that /boot and / are mounted on the same filesystem */ @@ -138,6 +137,8 @@ libbe_init(void) strlcpy(poolname, lbh->root, pnamelen + 1); if ((lbh->active_phandle = zpool_open(lbh->lzh, poolname)) == NULL) goto err; + free(poolname); + poolname = NULL; if (zpool_get_prop(lbh->active_phandle, ZPOOL_PROP_BOOTFS, lbh->bootfs, sizeof(lbh->bootfs), NULL, true) != 0) @@ -218,7 +219,6 @@ be_destroy(libbe_handle_t *lbh, const char *name, int p = path; force = options & BE_DESTROY_FORCE; - err = BE_ERR_SUCCESS; be_root_concat(lbh, name, path); @@ -274,8 +274,12 @@ be_snapshot(libbe_handle_t *lbh, const char *source, c return (BE_ERR_NOENT); if (snap_name != NULL) { - strcat(buf, "@"); - strcat(buf, snap_name); + if (strlcat(buf, "@", sizeof(buf)) >= sizeof(buf)) + return (set_error(lbh, BE_ERR_INVALIDNAME)); + + if (strlcat(buf, snap_name, sizeof(buf)) >= sizeof(buf)) + return (set_error(lbh, BE_ERR_INVALIDNAME)); + if (result != NULL) snprintf(result, BE_MAXPATHLEN, "%s@%s", source, snap_name); @@ -284,8 +288,9 @@ be_snapshot(libbe_handle_t *lbh, const char *source, c len = strlen(buf); strftime(buf + len, sizeof(buf) - len, "@%F-%T", localtime(&rawtime)); - if (result != NULL) - strcpy(result, strrchr(buf, '/') + 1); + if (result != NULL && strlcpy(result, strrchr(buf, '/') + 1, + sizeof(buf)) >= sizeof(buf)) + return (set_error(lbh, BE_ERR_INVALIDNAME)); } if ((err = zfs_snapshot(lbh->lzh, buf, recursive, NULL)) != 0) { @@ -942,9 +947,7 @@ be_activate(libbe_handle_t *lbh, const char *bootenv, return (set_error(lbh, BE_ERR_UNKNOWN)); /* Expected format according to zfsbootcfg(8) man */ - strcpy(buf, "zfs:"); - strcat(buf, be_path); - strcat(buf, ":"); + snprintf(buf, sizeof(buf), "zfs:%s:", be_path); /* We have no config tree */ if (nvlist_lookup_nvlist(config, ZPOOL_CONFIG_VDEV_TREE, Modified: head/lib/libbe/be_access.c ============================================================================== --- head/lib/libbe/be_access.c Thu Aug 16 18:35:39 2018 (r337920) +++ head/lib/libbe/be_access.c Thu Aug 16 18:37:47 2018 (r337921) @@ -124,7 +124,7 @@ be_mount(libbe_handle_t *lbh, char *bootenv, char *mou /* Create mountpoint if it is not specified */ if (mountpoint == NULL) { - strcpy(mnt_temp, "/tmp/be_mount.XXXX"); + strlcpy(mnt_temp, "/tmp/be_mount.XXXX", sizeof(mnt_temp)); if (mkdtemp(mnt_temp) == NULL) return (set_error(lbh, BE_ERR_IO)); } @@ -149,7 +149,8 @@ be_mount(libbe_handle_t *lbh, char *bootenv, char *mou } if (result_loc != NULL) - strcpy(result_loc, mountpoint == NULL ? mnt_temp : mountpoint); + strlcpy(result_loc, mountpoint == NULL ? mnt_temp : mountpoint, + BE_MAXPATHLEN); return (BE_ERR_SUCCESS); } Modified: head/lib/libbe/libbe.3 ============================================================================== --- head/lib/libbe/libbe.3 Thu Aug 16 18:35:39 2018 (r337920) +++ head/lib/libbe/libbe.3 Thu Aug 16 18:37:47 2018 (r337921) @@ -28,7 +28,7 @@ .\" .\" $FreeBSD$ .\" -.Dd August 12, 2018 +.Dd August 16, 2018 .Dt LIBBE 3 .Os .Sh NAME @@ -267,6 +267,9 @@ If .Fa result is not .Dv NULL , +it should be large enough to accommodate +.Dv BE_MAXPATHLEN +including the null terminator. the final mount point will be copied into it. Setting the .Dv BE_MNT_FORCE
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201808161837.w7GIbmLi044921>