Author: ngie Date: Fri May 13 08:41:09 2016 New Revision: 299623 URL: https://svnweb.freebsd.org/changeset/base/299623
Log: MFC r298337: r298337 (by cem): pty(4): Use strlcpy to guarantee destination buffer isn't overrun The devtoname() name is strcpyed into a small stack buffer. Sure, we always expect the name to be ttyXX (or ptyXX). If that's the case, strlcpy() doesn't hurt. CID: 1006768 Modified: stable/10/sys/dev/pty/pty.c Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/dev/pty/pty.c ============================================================================== --- stable/10/sys/dev/pty/pty.c Fri May 13 08:39:33 2016 (r299622) +++ stable/10/sys/dev/pty/pty.c Fri May 13 08:41:09 2016 (r299623) @@ -67,7 +67,7 @@ ptydev_fdopen(struct cdev *dev, int ffla return (EBUSY); /* Generate device name and create PTY. */ - strcpy(name, devtoname(dev)); + strlcpy(name, devtoname(dev), sizeof(name)); name[0] = 't'; error = pts_alloc_external(fflags & (FREAD|FWRITE), td, fp, dev, name); _______________________________________________ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"