From owner-freebsd-audit Sat Aug 5 15:29:37 2000 Delivered-To: freebsd-audit@freebsd.org Received: from smtp1a.ispchannel.com (smtp.ispchannel.com [24.142.63.7]) by hub.freebsd.org (Postfix) with ESMTP id 4B2E037BB70 for ; Sat, 5 Aug 2000 15:29:35 -0700 (PDT) (envelope-from mheffner@mailandnews.com) Received: from muriel.penguinpowered.com ([208.138.198.109]) by smtp1a.ispchannel.com (InterMail vK.4.02.00.00 201-232-116 license 7d3764cdaca754bf8ae20adf0db2aa60) with ESMTP id <20000805223120.WGCQ8223.smtp1a@muriel.penguinpowered.com>; Sat, 5 Aug 2000 15:31:20 -0700 Content-Length: 752 Message-ID: X-Mailer: XFMail 1.4.4 on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 8bit MIME-Version: 1.0 In-Reply-To: Date: Sat, 05 Aug 2000 18:28:05 -0400 (EDT) Reply-To: Mike Heffner From: Mike Heffner To: Kris Kennaway Subject: RE: catopen() patch Cc: audit@freebsd.org Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On 04-Aug-2000 Kris Kennaway wrote: | Can someone please review the following patch? | ... | ++nlspath; | - strcpy(pathP, name); | + if (strlcpy(pathP, name, spcleft) >= spcleft) { | + errno = ENAMETOOLONG; | + return(NLERR); | + } | pathP += strlen(name); | } else *(pathP++) = *nlspath; | } else *(pathP++) = *nlspath; ^^^^^^^^^^^^^^^^^^^^^ We can still walk right off the end. -- Mike Heffner Fredericksburg, VA ICQ# 882073 http://my.ispchannel.com/~mheffner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message