Date: Thu, 12 May 2016 08:41:22 +0000 (UTC) From: Don Lewis <truckman@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r299524 - head/usr.bin/mklocale Message-ID: <201605120841.u4C8fMoT028579@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: truckman Date: Thu May 12 08:41:22 2016 New Revision: 299524 URL: https://svnweb.freebsd.org/changeset/base/299524 Log: Use strlcpy() instead of strncpy() when copying the encoding value to ensure that the destination is NUL terminated. Length truncation of one more character should not be an issue since encoding values that long are not supported by libc. The destination string is treated as a NUL terminated string, but it is only passed to strcmp() for comparison to a set of shorter, fixed length strings, so this is not a serious problem. Reported by: Coverity CID: 974769 MFC after: 1 week Modified: head/usr.bin/mklocale/yacc.y Modified: head/usr.bin/mklocale/yacc.y ============================================================================== --- head/usr.bin/mklocale/yacc.y Thu May 12 07:38:10 2016 (r299523) +++ head/usr.bin/mklocale/yacc.y Thu May 12 08:41:22 2016 (r299524) @@ -123,7 +123,7 @@ entry : ENCODING STRING strcmp($2, "BIG5") && strcmp($2, "MSKanji")) warnx("ENCODING %s is not supported by libc", $2); - strncpy(new_locale.encoding, $2, + strlcpy(new_locale.encoding, $2, sizeof(new_locale.encoding)); } | VARIABLE { new_locale.variable_len = strlen($1) + 1;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201605120841.u4C8fMoT028579>