Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 9 Aug 2018 02:47:22 +0000 (UTC)
From:      Xin LI <delphij@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r337522 - head/usr.sbin/tzsetup
Message-ID:  <201808090247.w792lMrj093601@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: delphij
Date: Thu Aug  9 02:47:22 2018
New Revision: 337522
URL: https://svnweb.freebsd.org/changeset/base/337522

Log:
  In read_zones(), check if the file name actually fit in the buffer
  and make sure it would terminate with nul with strlcpy().
  
  Reviewed by:	imp (earlier revision)
  MFC after:	2 weeks
  Differential Revision:	https://reviews.freebsd.org/D16595

Modified:
  head/usr.sbin/tzsetup/tzsetup.c

Modified: head/usr.sbin/tzsetup/tzsetup.c
==============================================================================
--- head/usr.sbin/tzsetup/tzsetup.c	Thu Aug  9 02:27:18 2018	(r337521)
+++ head/usr.sbin/tzsetup/tzsetup.c	Thu Aug  9 02:47:22 2018	(r337522)
@@ -481,7 +481,7 @@ read_zones(void)
 	char		contbuf[16];
 	FILE		*fp;
 	struct continent *cont;
-	size_t		len;
+	size_t		len, contlen;
 	char		*line, *tlc, *file, *descr, *p;
 	int		lineno;
 
@@ -504,12 +504,16 @@ read_zones(void)
 			    path_zonetab, lineno, tlc);
 		/* coord = */ strsep(&line, "\t");	 /* Unused */
 		file = strsep(&line, "\t");
+		/* get continent portion from continent/country */
 		p = strchr(file, '/');
 		if (p == NULL)
 			errx(1, "%s:%d: invalid zone name `%s'", path_zonetab,
 			    lineno, file);
-		contbuf[0] = '\0';
-		strncat(contbuf, file, p - file);
+		contlen = p - file + 1;		/* trailing nul */
+		if (contlen > sizeof(contbuf))
+			errx(1, "%s:%d: continent name in zone name `%s' too long",
+			    path_zonetab, lineno, file);
+		strlcpy(contbuf, file, contlen);
 		cont = find_continent(contbuf);
 		if (!cont)
 			errx(1, "%s:%d: invalid region `%s'", path_zonetab,



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201808090247.w792lMrj093601>