From owner-freebsd-audit  Fri Aug  4 12:27:22 2000
Delivered-To: freebsd-audit@freebsd.org
Received: from rover.village.org (rover.village.org [204.144.255.49])
	by hub.freebsd.org (Postfix) with ESMTP
	id D8CB637BB49; Fri,  4 Aug 2000 12:27:17 -0700 (PDT)
	(envelope-from imp@harmony.village.org)
Received: from harmony.village.org (harmony.village.org [10.0.0.6])
	by rover.village.org (8.9.3/8.9.3) with ESMTP id NAA75057;
	Fri, 4 Aug 2000 13:27:15 -0600 (MDT)
	(envelope-from imp@harmony.village.org)
Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id NAA12389; Fri, 4 Aug 2000 13:27:08 -0600 (MDT)
Message-Id: <200008041927.NAA12389@harmony.village.org>
To: Kris Kennaway <kris@hub.freebsd.org>
Subject: Re: ether_line() patch 
Cc: audit@FreeBSD.ORG
In-reply-to: Your message of "Fri, 04 Aug 2000 03:08:45 PDT."
		<Pine.BSF.4.21.0008040306140.96614-100000@hub.freebsd.org> 
References: <Pine.BSF.4.21.0008040306140.96614-100000@hub.freebsd.org>  
Date: Fri, 04 Aug 2000 13:27:08 -0600
From: Warner Losh <imp@village.org>
Sender: owner-freebsd-audit@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

In message <Pine.BSF.4.21.0008040306140.96614-100000@hub.freebsd.org> Kris Kennaway writes:
: @@ -156,7 +178,7 @@
:  				strlen(ether_a), &result, &resultlen)) {
:  				continue;
:  			}
: -			strncpy(buf, result, resultlen);
: +			strncpy(buf, result, resultlen - 1);
:  			buf[resultlen] = '\0';
:  			free(result);
:  		}
: 

This change is wrong.  The strcpy puts upto resultlen characters into
buf, and then null terminates it at the resultlen + 1st character
(counting from 1).  The strncpy should therefore not have the -1.  Or
the line setting the buf[] = 0 should have it as well.

Warner


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-audit" in the body of the message