Date: Wed, 4 Jan 2017 23:26:18 -0800 From: "Ngie Cooper (yaneurabeya)" <yaneurabeya@gmail.com> To: Juli Mallett <juli@clockworksquid.com> Cc: Jilles Tjoelker <jilles@stack.nl>, Ngie Cooper <ngie@freebsd.org>, src-committers <src-committers@freebsd.org>, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r311233 - head/contrib/netbsd-tests/fs/tmpfs Message-ID: <DCA3C2EC-EF7A-470D-92DB-199D8BD76EF5@gmail.com> In-Reply-To: <BC5AB049-8DE3-4B60-88AA-95F8377513E9@gmail.com> References: <201701040246.v042kaEh039041@repo.freebsd.org> <20170104233650.GB17765@stack.nl> <CACVs6=9Ku1X8PG1d65XqAQ_ivpsLxF9VJy_06S%2BT-Ve%2BQN6YTw@mail.gmail.com> <BC5AB049-8DE3-4B60-88AA-95F8377513E9@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--Apple-Mail=_E8D1BBDA-0DF9-4ADF-AB26-B81705D26167 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 > On Jan 4, 2017, at 22:29, Ngie Cooper <yaneurabeya@gmail.com> wrote: >=20 >=20 >> On Jan 4, 2017, at 15:45, Juli Mallett <juli@clockworksquid.com> = wrote: >>=20 >>> On Wed, Jan 4, 2017 at 3:36 PM, Jilles Tjoelker <jilles@stack.nl> = wrote: >>>> On Wed, Jan 04, 2017 at 02:46:36AM +0000, Ngie Cooper wrote: >>>> - Initialize .sun_len before passing it to strlcpy and bind. >>> It would be better to avoid naming the non-portable sun_len field if = it >>> is just to make Coverity happy. I suggest initializing the structure >>> with designated initializers or memset(). >>>=20 >>> Apart from that, the value for sun_len is wrong; it should be the = length >>> of the whole structure and not just the sun_path part. Fortunately, = the >>> field is ignored by bind(), which uses the addrlen parameter = instead. >=20 > The problem was the strcpy and the fact that the code didn't check the = input buffer to make sure it didn't overrun the destination buffer. Bah.. I misremembered the fact that it was using strlcpy before and = after=E2=80=A6 -Ngie --Apple-Mail=_E8D1BBDA-0DF9-4ADF-AB26-B81705D26167 Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP using GPGMail -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJYbfUbAAoJEPWDqSZpMIYVMSgP/Rf3U+6Vwlhw0nRbXdH+9RF+ sVG1H+Vz6K0+EEAaPPYCJi6HcXjXklsURhYxDuGtJaq0Hxz2peGXScPxjsaIOchP 7mSOFxX15cFz9jwaTaXaj0FyYQ1pFjmx7jmH49De2Pmu9/E5xBCZDPa1J7Leet4C bdvC9AX/U+/M/UPpgude6yOM73Xpo65LO+DjgCLLhkPj72Ij7tyc0kankLyCLK1h zZGf0Hyb/l+WS7JCOYCKhFSxIS0XisGs+foYZ1JJc/kzitgdxVtOyqhjYrQy8OW4 7RZYaUMjzZUIYernyTwY2eTikG7Zvi+2KlJWV1V8ppIfCF9pwvlYBL31CwcAobHr DRci90y79aGrQWvG/bnmqfs52XQo2EVt190u1sqLT/nmpBvZBnTfXKeoTHDRKZxA p8HJJKdLTyrR/oj3gB4L+bvD+dAGZjZYbGitvUTzkmMiRHgauc2eORlxXPL8TpN7 pNdHQzq4GXV8dyLPIjDp6Zj39cieqz8oFXtVw8NR6+hk9xXA1fGhkdrMyJxli/on l7qAaThoosg8i+e3L45iK1bS+AtJTDGevmo6W0rWq2V3k+qNKekA+PrVzP9d7ciw 5/kRLJNFp+s+d//yc6BTM3uk+VteosBDT72cGvbJxxCbbnhCcCRvryqilwwwROmK Zgu/SfLbWOelMx+wg5bI =nO3T -----END PGP SIGNATURE----- --Apple-Mail=_E8D1BBDA-0DF9-4ADF-AB26-B81705D26167--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?DCA3C2EC-EF7A-470D-92DB-199D8BD76EF5>