Date:      Wed, 3 Feb 2016 02:06:48 +0000 (UTC)
From:      Garrett Cooper <ngie@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-user@freebsd.org
Subject:   svn commit: r295191 - user/ngie/bsnmp_cleanup/usr.sbin/bsnmpd/tools/libbsnmptools
Message-ID:  <201602030206.u1326mcP054984@repo.freebsd.org>

Author: ngie
Date: Wed Feb  3 02:06:48 2016
New Revision: 295191
URL: https://svnweb.freebsd.org/changeset/base/295191

Log:
  1. Use destination buffer instead of source buffer size to mute valid
     security concerns with strlcpy related to their respective buffer
     sizes (-Wstrlcpy-strlcat-size)
  2. Don't try free'ing string in snmp_oid2asn_oid(..) -- it's allocated
     on the stack in the function, not the heap.
  
  Reported by: Jenkins (clang job) [1], Jenkins (gcc 4.9 job) [2]
  Sponsored by: EMC / Isilon Storage Division

Modified:
  user/ngie/bsnmp_cleanup/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c

Modified: user/ngie/bsnmp_cleanup/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c
==============================================================================
--- user/ngie/bsnmp_cleanup/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c	Wed Feb  3 02:03:00 2016	(r295190)
+++ user/ngie/bsnmp_cleanup/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c	Wed Feb  3 02:06:48 2016	(r295191)
@@ -266,7 +266,7 @@ add_filename(struct snmp_toolinfo *snmpt
 
 	if (cut != NULL)
 		asn_append_oid(&(entry->cut), cut);
-	strlcpy(fstring, filename, strlen(filename) + 1);
+	strlcpy(fstring, filename, sizeof(fstring));
 	entry->name = fstring;
 	entry->done = done;
 	SLIST_INSERT_HEAD(&snmptoolctx->filelist, entry, link);
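Review bot: In the added strlcpy line, sizeof(fstring) is the destination's capacity only if fstring is an array declared in this function. The next line stores it in entry->name, on a list entry that outlives the call, which suggests fstring is a heap pointer. For a char * the expression evaluates to the pointer size, so any longer file name would be silently truncated. Suggest keeping the length used for the allocation in a variable and passing that as the bound, and comparing strlcpy's return value against it to detect truncation.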
@@ -1076,13 +1076,11 @@ snmp_oid2asn_oid(struct snmp_toolinfo *s
 		if (snmp_suboid_append(oid, (asn_subid_t) obj.val.var.len) < 0)
 			return (NULL);
 	} else {
-		strlcpy(string, str, i + 1);
-		string[i] = '\0';
+		strlcpy(string, str, MAX(i + 1, sizeof(string)));
 		if (snmp_lookup_enumoid(snmptoolctx, &obj, string) < 0) {
 			warnx("Unknown string - %s",string);
 			return (NULL);
 		}
-		free(string);
 	}
 
 	asn_append_oid(oid, &(obj.val.var));
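Review bot: MAX(i + 1, sizeof(string)) in the added strlcpy line selects the larger value, so the bound is never below sizeof(string) and exceeds it whenever i + 1 is larger, which is the case the warning is about. It also drops the old behaviour of copying only the first i characters of str: the explicit string[i] = '\0' is removed and the bound no longer limits the copy to i + 1. MIN(i + 1, sizeof(string)) keeps both the prefix copy and the destination limit, and a check that i < sizeof(string) before the copy would make truncation an explicit error rather than a silent one.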
