svn commit: r311233 - head/contrib/netbsd-tests/fs/tmpfs
Ngie Cooper (yaneurabeya)
yaneurabeya at gmail.com
Thu Jan 5 07:26:22 UTC 2017
> On Jan 4, 2017, at 22:29, Ngie Cooper <yaneurabeya at gmail.com> wrote:
>
>
>> On Jan 4, 2017, at 15:45, Juli Mallett <juli at clockworksquid.com> wrote:
>>
>>> On Wed, Jan 4, 2017 at 3:36 PM, Jilles Tjoelker <jilles at stack.nl> wrote:
>>>> On Wed, Jan 04, 2017 at 02:46:36AM +0000, Ngie Cooper wrote:
>>>> - Initialize .sun_len before passing it to strlcpy and bind.
>>> It would be better to avoid naming the non-portable sun_len field if it
>>> is just to make Coverity happy. I suggest initializing the structure
>>> with designated initializers or memset().
>>>
>>> Apart from that, the value for sun_len is wrong; it should be the length
>>> of the whole structure and not just the sun_path part. Fortunately, the
>>> field is ignored by bind(), which uses the addrlen parameter instead.
>
> The problem was the strcpy and the fact that the code didn't check the input buffer to make sure it didn't overrun the destination buffer.
Bah.. I misremembered the fact that it was using strlcpy before and after…
-Ngie
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freebsd.org/pipermail/svn-src-head/attachments/20170104/b69313fb/attachment.sig>
More information about the svn-src-head
mailing list