From owner-svn-src-all@FreeBSD.ORG  Wed Dec  5 20:39:11 2012
Return-Path: <owner-svn-src-all@FreeBSD.ORG>
Delivered-To: svn-src-all@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
 by hub.freebsd.org (Postfix) with ESMTP id E5B58564;
 Wed,  5 Dec 2012 20:39:11 +0000 (UTC)
 (envelope-from pawel@dawidek.net)
Received: from mail.dawidek.net (garage.dawidek.net [91.121.88.72])
 by mx1.freebsd.org (Postfix) with ESMTP id 20CC68FC14;
 Wed,  5 Dec 2012 20:39:11 +0000 (UTC)
Received: from localhost (89-73-195-149.dynamic.chello.pl [89.73.195.149])
 by mail.dawidek.net (Postfix) with ESMTPSA id AD8FCBD4;
 Wed,  5 Dec 2012 21:37:08 +0100 (CET)
Date: Wed, 5 Dec 2012 21:40:31 +0100
From: Pawel Jakub Dawidek <pjd@FreeBSD.org>
To: Eitan Adler <eadler@FreeBSD.org>
Subject: Re: svn commit: r243895 - head/usr.sbin/pw
Message-ID: <20121205204030.GB1423@garage.freebsd.pl>
References: <201212051356.qB5Duks1068301@svn.freebsd.org>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
 protocol="application/pgp-signature"; boundary="96YOpH+ONegL0A3E"
Content-Disposition: inline
In-Reply-To: <201212051356.qB5Duks1068301@svn.freebsd.org>
X-OS: FreeBSD 10.0-CURRENT amd64
User-Agent: Mutt/1.5.21 (2010-09-15)
Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org,
 src-committers@freebsd.org
X-BeenThere: svn-src-all@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "SVN commit messages for the entire src tree \(except for &quot;
 user&quot; and &quot; projects&quot; \)" <svn-src-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-all>
List-Post: <mailto:svn-src-all@freebsd.org>
List-Help: <mailto:svn-src-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 05 Dec 2012 20:39:12 -0000


--96YOpH+ONegL0A3E
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Dec 05, 2012 at 01:56:46PM +0000, Eitan Adler wrote:
> Author: eadler
> Date: Wed Dec  5 13:56:46 2012
> New Revision: 243895
> URL: http://svnweb.freebsd.org/changeset/base/243895
>=20
> Log:
>   Avoid overflow of file buffer

Buffer won't overflow, but the path will be truncated, which is neither
detected nor handled.

>   Submitted by:	db
>   Approved by:	cperciva
>   MFC after:	2 weeks
>=20
> Modified:
>   head/usr.sbin/pw/pw_user.c
>=20
> Modified: head/usr.sbin/pw/pw_user.c
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D
> --- head/usr.sbin/pw/pw_user.c	Wed Dec  5 13:56:43 2012	(r243894)
> +++ head/usr.sbin/pw/pw_user.c	Wed Dec  5 13:56:46 2012	(r243895)
> @@ -394,7 +394,7 @@ pw_user(struct userconf * cnf, int mode,
>  				/*
>  				 * Remove crontabs
>  				 */
> -				sprintf(file, "/var/cron/tabs/%s", pwd->pw_name);
> +				snprintf(file, sizeof(file), "/var/cron/tabs/%s", pwd->pw_name);
>  				if (access(file, F_OK) =3D=3D 0) {
>  					sprintf(file, "crontab -u %s -r", pwd->pw_name);
>  					system(file);

--=20
Pawel Jakub Dawidek                       http://www.wheelsystems.com
FreeBSD committer                         http://www.FreeBSD.org
Am I Evil? Yes, I Am!                     http://tupytaj.pl

--96YOpH+ONegL0A3E
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (FreeBSD)

iEYEARECAAYFAlC/sT4ACgkQForvXbEpPzS2kACghWrgxGtoRPGeaQBFZSyKzfl4
LS8AoM2X1e62BHS644YHGXPnUGizXkJM
=fxl4
-----END PGP SIGNATURE-----

--96YOpH+ONegL0A3E--