Hmm. I thought that assert(e) would get turned into e when -DNDEBUG. But looking at the header, you're right. I'll fix it soon. Good catch. -Alan
On Wed, May 10, 2017 at 9:32 AM, Warner Losh <i...@bsdimp.com> wrote: > Doesn't assert get compiled out, which would cause strlcpy to never happen? > > Warner > > On Wed, May 10, 2017 at 9:27 AM, Alan Somers <asom...@freebsd.org> wrote: >> Author: asomers >> Date: Wed May 10 15:27:36 2017 >> New Revision: 318141 >> URL: https://svnweb.freebsd.org/changeset/base/318141 >> >> Log: >> strcpy => strlcpy >> >> Reported by: Coverity >> CID: 1352771 >> MFC after: 3 weeks >> Sponsored by: Spectra Logic Corp >> >> Modified: >> head/usr.bin/mkuzip/mkuzip.c >> >> Modified: head/usr.bin/mkuzip/mkuzip.c >> ============================================================================== >> --- head/usr.bin/mkuzip/mkuzip.c Wed May 10 15:20:39 2017 >> (r318140) >> +++ head/usr.bin/mkuzip/mkuzip.c Wed May 10 15:27:36 2017 >> (r318141) >> @@ -192,7 +192,8 @@ int main(int argc, char **argv) >> /* Not reached */ >> } >> >> - strcpy(hdr.magic, cfs.handler->magic); >> + assert(strlcpy(hdr.magic, cfs.handler->magic, sizeof(hdr.magic)) >> + < sizeof(hdr.magic)); >> >> if (cfs.en_dedup != 0) { >> hdr.magic[CLOOP_OFS_VERSN] = CLOOP_MAJVER_3; >> _______________________________________________ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"