Isn’t strlcpy() the more appropriate interface? strncpy doesn’t guarantee NUL termination.
Warner > On Dec 18, 2015, at 2:58 PM, Pedro F. Giffuni <p...@freebsd.org> wrote: > > Author: pfg > Date: Fri Dec 18 21:58:42 2015 > New Revision: 292454 > URL: https://svnweb.freebsd.org/changeset/base/292454 > > Log: > ed(1): Prevent possible string overflows > > CID: 1007252 > MFC after: 2 weeks > > Modified: > head/bin/ed/main.c > > Modified: head/bin/ed/main.c > ============================================================================== > --- head/bin/ed/main.c Fri Dec 18 21:34:28 2015 (r292453) > +++ head/bin/ed/main.c Fri Dec 18 21:58:42 2015 (r292454) > @@ -505,7 +505,8 @@ exec_command(void) > return ERR; > else if (open_sbuf() < 0) > return FATAL; > - if (*fnp && *fnp != '!') strcpy(old_filename, fnp); > + if (*fnp && *fnp != '!') > + strncpy(old_filename, fnp, PATH_MAX); > #ifdef BACKWARDS > if (*fnp == '\0' && *old_filename == '\0') { > errmsg = "no current filename"; > @@ -532,7 +533,8 @@ exec_command(void) > return ERR; > } > GET_COMMAND_SUFFIX(); > - if (*fnp) strcpy(old_filename, fnp); > + if (*fnp) > + strncpy(old_filename, fnp, PATH_MAX); > printf("%s\n", strip_escapes(old_filename)); > break; > case 'g': > @@ -663,7 +665,7 @@ exec_command(void) > GET_COMMAND_SUFFIX(); > if (!isglobal) clear_undo_stack(); > if (*old_filename == '\0' && *fnp != '!') > - strcpy(old_filename, fnp); > + strncpy(old_filename, fnp, PATH_MAX); > #ifdef BACKWARDS > if (*fnp == '\0' && *old_filename == '\0') { > errmsg = "no current filename"; > @@ -797,7 +799,7 @@ exec_command(void) > return ERR; > GET_COMMAND_SUFFIX(); > if (*old_filename == '\0' && *fnp != '!') > - strcpy(old_filename, fnp); > + strncpy(old_filename, fnp, PATH_MAX); > #ifdef BACKWARDS > if (*fnp == '\0' && *old_filename == '\0') { > errmsg = "no current filename"; >
signature.asc
Description: Message signed with OpenPGP using GPGMail
