Author: cem
Date: Fri Apr 14 00:36:45 2017
New Revision: 316802
URL: https://svnweb.freebsd.org/changeset/base/316802
Log:
bsdinstall(8): Sprinkle a snprintf to fixed size buffer
Use a snprintf to write an environment variable to a fixed-size buffer to
avoid stack overflow.
Reported by: Coverity (CWE-120)
CID: 1238926
Sponsored by: Dell EMC Isilon
Modified:
head/usr.sbin/bsdinstall/partedit/gpart_ops.c
Modified: head/usr.sbin/bsdinstall/partedit/gpart_ops.c
==============================================================================
--- head/usr.sbin/bsdinstall/partedit/gpart_ops.c Fri Apr 14 00:22:28
2017 (r316801)
+++ head/usr.sbin/bsdinstall/partedit/gpart_ops.c Fri Apr 14 00:36:45
2017 (r316802)
@@ -146,7 +146,7 @@ newfs_command(const char *fstype, char *
strcpy(command, "zpool create -f -m none ");
if (getenv("BSDINSTALL_TMPBOOT") != NULL) {
char zfsboot_path[MAXPATHLEN];
- sprintf(zfsboot_path, "%s/zfs",
+ snprintf(zfsboot_path, sizeof(zfsboot_path), "%s/zfs",
getenv("BSDINSTALL_TMPBOOT"));
mkdir(zfsboot_path, S_IRWXU | S_IRGRP | S_IXGRP |
S_IROTH | S_IXOTH);
_______________________________________________
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
