From owner-svn-src-head@freebsd.org Wed Jun 8 05:32:40 2016 Return-Path: Delivered-To: svn-src-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E84D0B6FE91; Wed, 8 Jun 2016 05:32:40 +0000 (UTC) (envelope-from truckman@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B60821D39; Wed, 8 Jun 2016 05:32:40 +0000 (UTC) (envelope-from truckman@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u585Wd3K063024; Wed, 8 Jun 2016 05:32:39 GMT (envelope-from truckman@FreeBSD.org) Received: (from truckman@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u585Wd6D063023; Wed, 8 Jun 2016 05:32:39 GMT (envelope-from truckman@FreeBSD.org) Message-Id: <201606080532.u585Wd6D063023@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: truckman set sender to truckman@FreeBSD.org using -f From: Don Lewis Date: Wed, 8 Jun 2016 05:32:39 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r301582 - head/bin/setfacl X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Jun 2016 05:32:41 -0000 Author: truckman Date: Wed Jun 8 05:32:39 2016 New Revision: 301582 URL: https://svnweb.freebsd.org/changeset/base/301582 Log: Explicitly NUL terminate the buffer filled by fread(). The fix in r300649 was not sufficient to convince Coverity that the buffer was NUL terminated, even with the buffer pre-zeroed. Swap the size and nmemb arguments to fread() so that a valid lenght is returned, which we can use to terminate the string in the buffer at the correct location. This should also quiet the complaint about the return value of fread() not being checked. Reported by: Coverity CID: 1019054, 1009614 MFC after: 1 week Modified: head/bin/setfacl/file.c Modified: head/bin/setfacl/file.c ============================================================================== --- head/bin/setfacl/file.c Wed Jun 8 04:49:20 2016 (r301581) +++ head/bin/setfacl/file.c Wed Jun 8 05:32:39 2016 (r301582) @@ -43,13 +43,12 @@ acl_t get_acl_from_file(const char *filename) { FILE *file; + size_t len; char buf[BUFSIZ+1]; if (filename == NULL) err(1, "(null) filename in get_acl_from_file()"); - bzero(&buf, sizeof(buf)); - if (strcmp(filename, "-") == 0) { if (have_stdin != 0) err(1, "cannot specify more than one stdin"); @@ -61,7 +60,8 @@ get_acl_from_file(const char *filename) err(1, "fopen() %s failed", filename); } - fread(buf, sizeof(buf) - 1, (size_t)1, file); + len = fread(buf, (size_t)1, sizeof(buf) - 1, file); + buf[len] = '\0'; if (ferror(file) != 0) { fclose(file); err(1, "error reading from %s", filename);