svn commit: r273693 - head/sys/cam/ctl

Alexander Motin Sun, 26 Oct 2014 08:29:20 -0700

Author: mav
Date: Sun Oct 26 15:28:07 2014
New Revision: 273693
URL: https://svnweb.freebsd.org/changeset/base/273693


Log:
  Fix printing non-terminated strings in devlist XML.
  
  MFC after:    1 week

Modified:
  head/sys/cam/ctl/ctl.c
  head/sys/cam/ctl/ctl.h

Modified: head/sys/cam/ctl/ctl.c
==============================================================================
--- head/sys/cam/ctl/ctl.c      Sun Oct 26 14:43:02 2014        (r273692)
+++ head/sys/cam/ctl/ctl.c      Sun Oct 26 15:28:07 2014        (r273693)
@@ -2200,13 +2200,14 @@ ctl_copyout_args(int num_args, struct ct
  * Escape characters that are illegal or not recommended in XML.
  */
 int
-ctl_sbuf_printf_esc(struct sbuf *sb, char *str)
+ctl_sbuf_printf_esc(struct sbuf *sb, char *str, int size)
 {
+       char *end = str + size;
        int retval;
 
        retval = 0;
 
-       for (; *str; str++) {
+       for (; *str && str < end; str++) {
                switch (*str) {
                case '&':
                        retval = sbuf_printf(sb, "&amp;");
@@ -3198,7 +3199,8 @@ ctl_ioctl(struct cdev *dev, u_long cmd, 
                                break;
 
                        retval = ctl_sbuf_printf_esc(sb,
-                                                    lun->be_lun->serial_num);
+                           lun->be_lun->serial_num,
+                           sizeof(lun->be_lun->serial_num));
 
                        if (retval != 0)
                                break;
@@ -3213,7 +3215,9 @@ ctl_ioctl(struct cdev *dev, u_long cmd, 
                        if (retval != 0)
                                break;
 
-                       retval = ctl_sbuf_printf_esc(sb,lun->be_lun->device_id);
+                       retval = ctl_sbuf_printf_esc(sb,
+                           lun->be_lun->device_id,
+                           sizeof(lun->be_lun->device_id));
 
                        if (retval != 0)
                                break;

Modified: head/sys/cam/ctl/ctl.h
==============================================================================
--- head/sys/cam/ctl/ctl.h      Sun Oct 26 14:43:02 2014        (r273692)
+++ head/sys/cam/ctl/ctl.h      Sun Oct 26 15:28:07 2014        (r273693)
@@ -156,7 +156,7 @@ int ctl_port_list(struct ctl_port_entry 
  * Put a string into an sbuf, escaping characters that are illegal or not
  * recommended in XML.  Note this doesn't escape everything, just > < and &.
  */
-int ctl_sbuf_printf_esc(struct sbuf *sb, char *str);
+int ctl_sbuf_printf_esc(struct sbuf *sb, char *str, int size);
 
 int ctl_ffz(uint32_t *mask, uint32_t size);
 int ctl_set_mask(uint32_t *mask, uint32_t bit);
_______________________________________________
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

svn commit: r273693 - head/sys/cam/ctl

Reply via email to