From owner-freebsd-audit Mon Dec 4 18:43:45 2000 From owner-freebsd-audit@FreeBSD.ORG Mon Dec 4 18:43:43 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from iclub.nsu.ru (iclub.nsu.ru [193.124.222.66]) by hub.freebsd.org (Postfix) with ESMTP id DD46D37B400 for ; Mon, 4 Dec 2000 18:43:41 -0800 (PST) Received: from localhost (fjoe@localhost) by iclub.nsu.ru (8.11.1/8.11.1) with ESMTP id eB52hRR79642; Tue, 5 Dec 2000 08:43:27 +0600 (NS) (envelope-from fjoe@iclub.nsu.ru) Date: Tue, 5 Dec 2000 08:43:26 +0600 (NS) From: Max Khon To: Will Andrews Cc: audit@FreeBSD.ORG Subject: Re: usr.bin audit patch In-Reply-To: <20001204201058.W570@puck.firepipe.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG hi, there! On Mon, 4 Dec 2000, Will Andrews wrote: > This is a bit of auditing I did on usr.bin (about half of it anyway). > There's probably a lot of false positives here. Sorry for being a lame > auditer. Feel free to enlighten me. :-) Index: apply/apply.c =================================================================== RCS file: /cvs/FreeBSD/src/usr.bin/apply/apply.c,v retrieving revision 1.10 diff -u -r1.10 apply.c --- apply/apply.c 2000/10/16 08:11:48 1.10 +++ apply/apply.c 2000/12/05 01:00:48 @@ -124,9 +124,9 @@ nargs = 1; p = cmd; - p += sprintf(cmd, "exec %s", argv[0]); + p += snprintf(cmd, sizeof(cmd), "exec %s", argv[0]); for (i = 1; i <= nargs; i++) - p += sprintf(p, " %c%d", magic, i); + p += snprintf(p, sizeof(p), " %c%d", magic, i); sizeof(p) == sizeof(void *) (== 4 on i386) -- it is not what your tried to achieve. also do not use strncpy/strncat instead of strcpy/strcat. in most cases this is useless -- use strlcpy/strlcat instead /fjoe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message