From owner-freebsd-audit Wed Dec 6 7:55:21 2000
From owner-freebsd-audit@FreeBSD.ORG Wed Dec 6 07:55:18 2000
Return-Path:
Delivered-To: freebsd-audit@freebsd.org
Received: from peitho.fxp.org (peitho.fxp.org [209.26.95.40]) by hub.freebsd.org (Postfix) with ESMTP id EFA4D37B402 for ; Wed, 6 Dec 2000 07:55:17 -0800 (PST)
Received: by peitho.fxp.org (Postfix, from userid 1000) id B11D21360E; Wed, 6 Dec 2000 10:55:23 -0500 (EST)
Date: Wed, 6 Dec 2000 10:55:23 -0500
From: Chris Faulhaber
To: freebsd-audit@FreeBSD.org
Subject: libutil diff
Message-ID: <20001206105523.A52977@peitho.fxp.org>
Mail-Followup-To: Chris Faulhaber , freebsd-audit@FreeBSD.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
Sender: owner-freebsd-audit@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

For today's diff, we present libutil:

- sprintf() -> snprintf()
- do not attempt to manipulate a malloc()'d struct if it is NULL
- strcpy() -> strlcpy()

I could not find any limits/restrictions on the variables used in the corrected sprintf()/strcpy() calls, so these seem safer.

For more patches up for review, see: http://www.fxp.org/~jedgar/FreeBSD/diffs/

--
Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org
--------------------------------------------------------
FreeBSD: The Power To Serve - http://www.FreeBSD.org

Index: login_class.c
===================================================================
RCS file: /home/ncvs/src/lib/libutil/login_class.c,v
retrieving revision 1.15
diff -u -r1.15 login_class.c
--- login_class.c	2000/07/14 13:56:07	1.15
+++ login_class.c	2000/12/06 15:05:31
@@ -91,8 +91,8 @@ rlim_t rcur = rlim.rlim_cur; rlim_t rmax = rlim.rlim_max; - sprintf(name_cur, "%s-cur", lr->what); - sprintf(name_max, "%s-max", lr->what); + snprintf(name_cur, sizeof(name_cur), "%s-cur", lr->what); + snprintf(name_max, sizeof(name_cur), "%s-max", lr->what); rcur = (*lr->who)(lc, lr->what, rcur, rcur); rmax = (*lr->who)(lc, lr->what, rmax, rmax); Index: property.c =================================================================== RCS file: /home/ncvs/src/lib/libutil/property.c,v retrieving revision 1.7 diff -u -r1.7 property.c --- property.c 2000/11/09 00:28:22 1.7 +++ property.c 2000/12/06 15:05:31 @@ -47,9 +47,11 @@ properties n; n = (properties)malloc(sizeof(struct _property)); - n->next = NULL; - n->name = name ? strdup(name) : NULL; - n->value = value ? strdup(value) : NULL; + if (n != NULL) { + n->next = NULL; + n->name = name ? strdup(name) : NULL; + n->value = value ? strdup(value) : NULL; + } return n; } Index: pty.c =================================================================== RCS file: /home/ncvs/src/lib/libutil/pty.c,v retrieving revision 1.10 diff -u -r1.10 pty.c --- pty.c 1999/08/28 00:05:51 1.10 +++ pty.c 2000/12/06 15:05:31 @@ -87,7 +87,7 @@ *amaster = master; *aslave = slave; if (name) - strcpy(name, line); + strlcpy(name, line, sizeof(name)); if (termp) (void) tcsetattr(slave, TCSAFLUSH, termp); To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message
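Review bot: in the login_class.c hunk the second snprintf() is bounded by the wrong buffer: `snprintf(name_max, sizeof(name_cur), "%s-max", lr->what);` should pass `sizeof(name_max)`. If the two arrays are declared the same size it happens to work today, but resizing either one later would reintroduce the overflow this hunk removes. Also worth confirming in the declarations (not shown in the hunk) that name_cur and name_max are arrays rather than pointers, since sizeof on a pointer yields only the pointer width.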
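Review bot: in the property.c hunk the NULL check on n is correct, but the two strdup() calls inside the new block remain unchecked, so on allocation failure the node is returned with a NULL name or value that callers cannot tell apart from a deliberately NULL argument. Consider checking each strdup() result and, on failure, freeing n and any string already duplicated before returning NULL, so the caller sees a single failure mode.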
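Review bot: `strlcpy(name, line, sizeof(name));` in the pty.c hunk is not a fix. The preceding `if (name)` test shows name is a pointer (the caller-supplied argument of this function), so sizeof(name) is the size of a pointer, 4 bytes on i386, and the copy would silently truncate the pty name to three characters plus the terminator, breaking every caller that reads it. Since this interface carries no buffer length, either the strcpy() has to stay with the buffer-size requirement documented for callers, or the bound must come from a constant naming the maximum pty name length, not from sizeof on the parameter.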
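The strcpy() to strlcpy() change discussed above, as an added example that is not part of Chris's patch or of libutil: it shows why sizeof() applied to a pointer parameter does not bound the copy, and how passing the buffer size explicitly does. copy_bounded(), copy_name_wrong(), copy_name_fixed(), the 32-byte buffers and the "/dev/ttyp0" sample are all constructed for this illustration.

```c
#include <stddef.h>
#include <string.h>

/* Local bounded copy with strlcpy() semantics (named differently so this
 * also builds on libcs that ship their own strlcpy()). Returns strlen(src);
 * a return value >= dstsize means the copy was truncated. */
static size_t copy_bounded(char *dst, const char *src, size_t dstsize)
{
    size_t srclen = strlen(src);

    if (dstsize != 0) {
        size_t n = srclen < dstsize - 1 ? srclen : dstsize - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return srclen;
}

/* Mirrors the pty.c hunk: name is a pointer parameter, so sizeof(name) is
 * the width of a pointer, not the size of the caller's buffer. The copy is
 * "safe" only in that it silently truncates the pty name. */
size_t copy_name_wrong(char *name, const char *line)
{
    return copy_bounded(name, line, sizeof(name));
}

/* Corrected form: the bound comes from the caller, who owns the buffer. */
size_t copy_name_fixed(char *name, size_t namesize, const char *line)
{
    return copy_bounded(name, line, namesize);
}

/* Characters actually stored when the wrong variant copies "/dev/ttyp0"
 * into a 32-byte buffer: sizeof(char *) - 1, i.e. 3 on a 32-bit target. */
size_t wrong_stored_len(void)
{
    char buf[32];

    copy_name_wrong(buf, "/dev/ttyp0");
    return strlen(buf);
}

/* Characters stored by the fixed variant for a caller-declared buffer size,
 * and whether the return value let the caller detect truncation. */
size_t fixed_stored_len(size_t bufsize, int *truncated)
{
    char buf[32];
    size_t need;

    if (bufsize > sizeof(buf))
        bufsize = sizeof(buf);
    need = copy_name_fixed(buf, bufsize, "/dev/ttyp0");
    *truncated = need >= bufsize;
    return strlen(buf);
}
```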