svn commit: r337921 - head/lib/libbe
Kyle Evans
kevans at FreeBSD.org
Thu Aug 16 18:37:49 UTC 2018
Author: kevans
Date: Thu Aug 16 18:37:47 2018
New Revision: 337921
URL: https://svnweb.freebsd.org/changeset/base/337921
Log:
libbe(3): Prefer safer versions of strcat/strcpy
Or, in the activate case, just use snprintf since that's effectively what
we're doing anyways.
Modified:
head/lib/libbe/be.c
head/lib/libbe/be_access.c
head/lib/libbe/libbe.3
Modified: head/lib/libbe/be.c
==============================================================================
--- head/lib/libbe/be.c Thu Aug 16 18:35:39 2018 (r337920)
+++ head/lib/libbe/be.c Thu Aug 16 18:37:47 2018 (r337921)
@@ -91,7 +91,6 @@ libbe_init(void)
lbh = NULL;
poolname = pos = NULL;
- pnamelen = 0;
rootds = NULL;
/* Verify that /boot and / are mounted on the same filesystem */
@@ -138,6 +137,8 @@ libbe_init(void)
strlcpy(poolname, lbh->root, pnamelen + 1);
if ((lbh->active_phandle = zpool_open(lbh->lzh, poolname)) == NULL)
goto err;
+ free(poolname);
+ poolname = NULL;
if (zpool_get_prop(lbh->active_phandle, ZPOOL_PROP_BOOTFS, lbh->bootfs,
sizeof(lbh->bootfs), NULL, true) != 0)
@@ -218,7 +219,6 @@ be_destroy(libbe_handle_t *lbh, const char *name, int
p = path;
force = options & BE_DESTROY_FORCE;
- err = BE_ERR_SUCCESS;
be_root_concat(lbh, name, path);
@@ -274,8 +274,12 @@ be_snapshot(libbe_handle_t *lbh, const char *source, c
return (BE_ERR_NOENT);
if (snap_name != NULL) {
- strcat(buf, "@");
- strcat(buf, snap_name);
+ if (strlcat(buf, "@", sizeof(buf)) >= sizeof(buf))
+ return (set_error(lbh, BE_ERR_INVALIDNAME));
+
+ if (strlcat(buf, snap_name, sizeof(buf)) >= sizeof(buf))
+ return (set_error(lbh, BE_ERR_INVALIDNAME));
+
if (result != NULL)
snprintf(result, BE_MAXPATHLEN, "%s@%s", source,
snap_name);
@@ -284,8 +288,9 @@ be_snapshot(libbe_handle_t *lbh, const char *source, c
len = strlen(buf);
strftime(buf + len, sizeof(buf) - len,
"@%F-%T", localtime(&rawtime));
- if (result != NULL)
- strcpy(result, strrchr(buf, '/') + 1);
+ if (result != NULL && strlcpy(result, strrchr(buf, '/') + 1,
+ sizeof(buf)) >= sizeof(buf))
+ return (set_error(lbh, BE_ERR_INVALIDNAME));
}
if ((err = zfs_snapshot(lbh->lzh, buf, recursive, NULL)) != 0) {
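Review bot: The new `strlcpy` into `result` is bounded by `sizeof(buf)`, the size of the local source buffer, not by the size of the caller's destination; the named-snapshot branch of be_snapshot bounds the same `result` with `BE_MAXPATHLEN`. If `buf` is declared larger than `BE_MAXPATHLEN` (its declaration is outside the hunk), the copy can still run past the caller's buffer, and the truncation test compares against the wrong length. Using the destination size in both places fixes this: `strlcpy(result, strrchr(buf, '/') + 1, BE_MAXPATHLEN) >= BE_MAXPATHLEN`. The `strftime` return value just above is also ignored, so a zero return (the timestamp did not fit) leaves the contents of `buf` indeterminate before it reaches `zfs_snapshot`.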
@@ -942,9 +947,7 @@ be_activate(libbe_handle_t *lbh, const char *bootenv,
return (set_error(lbh, BE_ERR_UNKNOWN));
/* Expected format according to zfsbootcfg(8) man */
- strcpy(buf, "zfs:");
- strcat(buf, be_path);
- strcat(buf, ":");
+ snprintf(buf, sizeof(buf), "zfs:%s:", be_path);
/* We have no config tree */
if (nvlist_lookup_nvlist(config, ZPOOL_CONFIG_VDEV_TREE,
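Review bot: The `snprintf` that builds `buf` in be_activate discards its return value, so an over-long `be_path` is silently cut and the string loses its trailing `:` or part of the dataset name before it is, presumably, handed on as the boot configuration value. The be_snapshot changes in this same commit reject truncation, and the same treatment fits here, e.g. `if (snprintf(buf, sizeof(buf), "zfs:%s:", be_path) >= (int)sizeof(buf)) return (set_error(lbh, BE_ERR_INVALIDNAME));`, with the error code left to the maintainers. The `strlcpy` into `result_loc` at the end of be_mount in be_access.c has the same gap: it returns `BE_ERR_SUCCESS` even when the reported mount point was truncated to `BE_MAXPATHLEN`. be_activate continues outside the hunk.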
Modified: head/lib/libbe/be_access.c
==============================================================================
--- head/lib/libbe/be_access.c Thu Aug 16 18:35:39 2018 (r337920)
+++ head/lib/libbe/be_access.c Thu Aug 16 18:37:47 2018 (r337921)
@@ -124,7 +124,7 @@ be_mount(libbe_handle_t *lbh, char *bootenv, char *mou
/* Create mountpoint if it is not specified */
if (mountpoint == NULL) {
- strcpy(mnt_temp, "/tmp/be_mount.XXXX");
+ strlcpy(mnt_temp, "/tmp/be_mount.XXXX", sizeof(mnt_temp));
if (mkdtemp(mnt_temp) == NULL)
return (set_error(lbh, BE_ERR_IO));
}
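Review bot: The template copied into `mnt_temp` ends in only four `X` characters. FreeBSD's mkdtemp(3) accepts that, but the pool of candidate names shrinks with each missing `X`, and POSIX specifies six. `strlcpy(mnt_temp, "/tmp/be_mount.XXXXXX", sizeof(mnt_temp));` is the more robust form, provided `mnt_temp` (declared outside the hunk) has room for the two extra bytes. A one-line comment saying who is expected to remove the directory created here would also help readers of be_mount.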
@@ -149,7 +149,8 @@ be_mount(libbe_handle_t *lbh, char *bootenv, char *mou
}
if (result_loc != NULL)
- strcpy(result_loc, mountpoint == NULL ? mnt_temp : mountpoint);
+ strlcpy(result_loc, mountpoint == NULL ? mnt_temp : mountpoint,
+ BE_MAXPATHLEN);
return (BE_ERR_SUCCESS);
}
Modified: head/lib/libbe/libbe.3
==============================================================================
--- head/lib/libbe/libbe.3 Thu Aug 16 18:35:39 2018 (r337920)
+++ head/lib/libbe/libbe.3 Thu Aug 16 18:37:47 2018 (r337921)
@@ -28,7 +28,7 @@
.\"
.\" $FreeBSD$
.\"
-.Dd August 12, 2018
+.Dd August 16, 2018
.Dt LIBBE 3
.Os
.Sh NAME
@@ -267,6 +267,9 @@ If
.Fa result
is not
.Dv NULL ,
+it should be large enough to accommodate
+.Dv BE_MAXPATHLEN
+including the null terminator.
the final mount point will be copied into it.
Setting the
.Dv BE_MNT_FORCE