Date: Fri, 7 Oct 2005 14:34:40 GMT From: "Olavi K." <olavi@ipunplugged.com> To: freebsd-gnats-submit@FreeBSD.org Subject: misc/87067: Bug in crypto/openssh/openbsd-compat/bsd-misc.c::strdup() Message-ID: <200510071434.j97EYeXR085919@www.freebsd.org> Resent-Message-ID: <200510071440.j97EeGSS068566@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 87067 >Category: misc >Synopsis: Bug in crypto/openssh/openbsd-compat/bsd-misc.c::strdup() >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Fri Oct 07 14:40:16 GMT 2005 >Closed-Date: >Last-Modified: >Originator: Olavi K. >Release: FreeBSD 6.0-BETA5 >Organization: Ipunplugged >Environment: >Description: I accidently built libssh.so with an undefined HAVE_STRDUP thus causing libssh to use its built-in version of strdup. The code looks as: #ifndef HAVE_STRDUP char * strdup(const char *str) { size_t len; char *cp; len = strlen(str) + 1; cp = malloc(len); if (cp != NULL) if (strlcpy(cp, str, len) != len) { free(cp); return NULL; } return cp; } #endif The above is a longer version of 'return NULL'. >How-To-Repeat: #undef HAVE_STRDUP and build libssh.so >Fix: Change 'if (strlcpy(cp, str, len) != len)' -> 'if (strlcpy(cp, str, len) != (len-1))'. >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200510071434.j97EYeXR085919>