Date: Sat, 05 Aug 2000 18:28:05 -0400 (EDT) From: Mike Heffner <mheffner@mailandnews.com> To: Kris Kennaway <kris@hub.freebsd.org> Cc: audit@freebsd.org Subject: RE: catopen() patch Message-ID: <XFMail.20000805182805.mheffner@mailandnews.com> In-Reply-To: <Pine.BSF.4.21.0008040128220.66197-100000@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 04-Aug-2000 Kris Kennaway wrote:
| Can someone please review the following patch?
|
...
| ++nlspath;
| - strcpy(pathP, name);
| + if (strlcpy(pathP, name, spcleft) >= spcleft) {
| + errno = ENAMETOOLONG;
| + return(NLERR);
| + }
| pathP += strlen(name);
| } else *(pathP++) = *nlspath;
| } else *(pathP++) = *nlspath;
^^^^^^^^^^^^^^^^^^^^^
We can still walk right off the end.
--
Mike Heffner <spock@techfour.net>
Fredericksburg, VA ICQ# 882073
http://my.ispchannel.com/~mheffner
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?XFMail.20000805182805.mheffner>