Date: Tue, 4 Aug 2015 02:56:32 +0000 (UTC) From: "Pedro F. Giffuni" <pfg@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r286268 - head/usr.bin/wall Message-ID: <201508040256.t742uWfQ053686@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: pfg Date: Tue Aug 4 02:56:31 2015 New Revision: 286268 URL: https://svnweb.freebsd.org/changeset/base/286268 Log: Revert r286144 leaving the original fix to the buffer overflow. Some developers consider the new code unnecessarily obfuscated. There was also a benign off-by-one. Discussed with: bde, vangyzen, jmallett Modified: head/usr.bin/wall/ttymsg.c Modified: head/usr.bin/wall/ttymsg.c ============================================================================== --- head/usr.bin/wall/ttymsg.c Tue Aug 4 02:41:14 2015 (r286267) +++ head/usr.bin/wall/ttymsg.c Tue Aug 4 02:56:31 2015 (r286268) @@ -62,7 +62,7 @@ ttymsg(struct iovec *iov, int iovcnt, co struct iovec localiov[7]; ssize_t left, wret; int cnt, fd; - char device[MAXNAMLEN]; + char device[MAXNAMLEN] = _PATH_DEV; static char errbuf[1024]; char *p; int forked; @@ -71,9 +71,8 @@ ttymsg(struct iovec *iov, int iovcnt, co if (iovcnt > (int)(sizeof(localiov) / sizeof(localiov[0]))) return ("too many iov's (change code in wall/ttymsg.c)"); - strlcpy(device, _PATH_DEV, sizeof(device)); + strlcat(device, line, sizeof(device)); p = device + sizeof(_PATH_DEV) - 1; - strlcpy(p, line, sizeof(device) - sizeof(_PATH_DEV)); if (strncmp(p, "pts/", 4) == 0) p += 4; if (strchr(p, '/') != NULL) {
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201508040256.t742uWfQ053686>