Date: Wed, 10 May 2017 09:32:29 -0600 From: Warner Losh <imp@bsdimp.com> To: Alan Somers <asomers@freebsd.org> Cc: src-committers <src-committers@freebsd.org>, "svn-src-all@freebsd.org" <svn-src-all@freebsd.org>, "svn-src-head@freebsd.org" <svn-src-head@freebsd.org> Subject: Re: svn commit: r318141 - head/usr.bin/mkuzip Message-ID: <CANCZdfqPvXeKk%2Bj=TFdRqoUOObstutL81aMF_3EN6TuMvF%2BU-Q@mail.gmail.com> In-Reply-To: <201705101527.v4AFRbbu005469@repo.freebsd.org> References: <201705101527.v4AFRbbu005469@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Doesn't assert get compiled out, which would cause strlcpy to never happen? Warner On Wed, May 10, 2017 at 9:27 AM, Alan Somers <asomers@freebsd.org> wrote: > Author: asomers > Date: Wed May 10 15:27:36 2017 > New Revision: 318141 > URL: https://svnweb.freebsd.org/changeset/base/318141 > > Log: > strcpy => strlcpy > > Reported by: Coverity > CID: 1352771 > MFC after: 3 weeks > Sponsored by: Spectra Logic Corp > > Modified: > head/usr.bin/mkuzip/mkuzip.c > > Modified: head/usr.bin/mkuzip/mkuzip.c > ============================================================================== > --- head/usr.bin/mkuzip/mkuzip.c Wed May 10 15:20:39 2017 (r318140) > +++ head/usr.bin/mkuzip/mkuzip.c Wed May 10 15:27:36 2017 (r318141) > @@ -192,7 +192,8 @@ int main(int argc, char **argv) > /* Not reached */ > } > > - strcpy(hdr.magic, cfs.handler->magic); > + assert(strlcpy(hdr.magic, cfs.handler->magic, sizeof(hdr.magic)) > + < sizeof(hdr.magic)); > > if (cfs.en_dedup != 0) { > hdr.magic[CLOOP_OFS_VERSN] = CLOOP_MAJVER_3; >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CANCZdfqPvXeKk%2Bj=TFdRqoUOObstutL81aMF_3EN6TuMvF%2BU-Q>