[Bug 211958] Boot overflows when reading loader.conf
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Sat Aug 20 16:23:57 UTC 2016
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=211958
--- Comment #1 from commit-hook at freebsd.org ---
A commit references this bug:
Author: tsoome
Date: Sat Aug 20 16:23:20 UTC 2016
New revision: 304532
URL: https://svnweb.freebsd.org/changeset/base/304532
Log:
loader is filling fixed length command_errbuf with sprintf() and is trusting
strings provided by user/config files. This update is replacing sprintf with
snprintf for cases the command_errbuf is built from dynamic content.
PR: 211958
Reported by: ecturt at gmail.com
Reviewed by: imp, allanjude
Approved by: imp (mentor), allanjude (mentor)
Differential Revision: https://reviews.freebsd.org/D7563
Changes:
head/sys/boot/common/boot.c
head/sys/boot/common/bootstrap.h
head/sys/boot/common/commands.c
head/sys/boot/common/interp.c
head/sys/boot/common/ls.c
head/sys/boot/common/module.c
head/sys/boot/efi/loader/arch/amd64/framebuffer.c
head/sys/boot/fdt/fdt_loader_cmd.c
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list