Date: Fri, 20 May 2016 06:35:14 +0000 (UTC) From: Don Lewis <truckman@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r300272 - stable/10/lib/libutil Message-ID: <201605200635.u4K6ZEs3084843@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: truckman Date: Fri May 20 06:35:14 2016 New Revision: 300272 URL: https://svnweb.freebsd.org/changeset/base/300272 Log: MFC r299581 Use strlcpy() instead of strncpy() to ensure that qf->fsname is NUL terminated. Don't bother checking for truncation since the subsequent stat() call should detect that and fail. Reported by: Coverity CID: 1018189 Modified: stable/10/lib/libutil/quotafile.c Directory Properties: stable/10/ (props changed) Modified: stable/10/lib/libutil/quotafile.c ============================================================================== --- stable/10/lib/libutil/quotafile.c Fri May 20 06:33:02 2016 (r300271) +++ stable/10/lib/libutil/quotafile.c Fri May 20 06:35:14 2016 (r300272) @@ -124,7 +124,7 @@ quota_open(struct fstab *fs, int quotaty return (NULL); qf->fd = -1; qf->quotatype = quotatype; - strncpy(qf->fsname, fs->fs_file, sizeof(qf->fsname)); + strlcpy(qf->fsname, fs->fs_file, sizeof(qf->fsname)); if (stat(qf->fsname, &st) != 0) goto error; qf->dev = st.st_dev;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201605200635.u4K6ZEs3084843>