Date: Sun, 6 Sep 2009 08:07:58 +0200 From: Hans Petter Selasky <hselasky@c2i.net> To: freebsd-usb@freebsd.org Cc: freebsd-gnats-submit@freebsd.org Subject: Re: usb/138559: [usb8] uether sysctl handler doesn't NUL-terminate the string Message-ID: <200909060807.59357.hselasky@c2i.net> In-Reply-To: <200909052214.n85ME42B047658@www.freebsd.org> References: <200909052214.n85ME42B047658@www.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sunday 06 September 2009 00:14:04 Bruce Cran wrote: > >Number: 138559 > >Category: usb > >Synopsis: [usb8] uether sysctl handler doesn't NUL-terminate the > > string Confidential: no > >Severity: non-critical > >Priority: low > >Responsible: freebsd-usb > >State: open > >Quarter: > >Keywords: > >Date-Required: > >Class: sw-bug > >Submitter-Id: current-users > >Arrival-Date: Sat Sep 05 22:20:03 UTC 2009 > >Closed-Date: > >Last-Modified: > >Originator: Bruce Cran > >Release: 8.0-BETA3 > >Organization: > >Environment: > > FreeBSD gluon.draftnet 8.0-BETA3 FreeBSD 8.0-BETA3 #1: Fri Sep 4 09:20:32 > BST 2009 brucec@gluon.draftnet:/usr/obj/usr/src/sys/GENERIC i386 > > >Description: > > The sysctl handler in sys/dev/usb/net/usb_ethernet.c line 143 doesn't > NUL-terminate the sysctl string returned to the user because it passes the > length as "strlen(name)" instead of "strlen(name)+1". > > >How-To-Repeat: > > > >Fix: > > Patch attached with submission follows: > > --- usb_ethernet.c.orig 2009-09-05 21:35:09.000000000 +0100 > +++ usb_ethernet.c 2009-09-05 21:36:18.000000000 +0100 > @@ -146,7 +146,7 @@ > const char *name; > > name = device_get_nameunit(ue->ue_dev); > - return SYSCTL_OUT(req, name, strlen(name)); > + return SYSCTL_OUT(req, name, strlen(name) + 1); > } > > int > > >Release-Note: > >Audit-Trail: > >Unformatted: Hi, When plugging an USB ethernet adapter and printing out all sysctls, the parent string does not look corrupt. Are you sure that the terminating zero is not inserted somewhere else? --HPS
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200909060807.59357.hselasky>