svn commit: r338440 - stable/11/usr.sbin/tzsetup
Xin LI
delphij at FreeBSD.org
Mon Sep 3 06:55:39 UTC 2018
Author: delphij
Date: Mon Sep 3 06:55:38 2018
New Revision: 338440
URL: https://svnweb.freebsd.org/changeset/base/338440
Log:
MFC r337522:
In read_zones(), check if the file name actually fit in the buffer
and make sure it would terminate with nul with strlcpy().
Reviewed by: imp (earlier revision)
Differential Revision: https://reviews.freebsd.org/D16595
Modified:
stable/11/usr.sbin/tzsetup/tzsetup.c
Directory Properties:
stable/11/ (props changed)
Modified: stable/11/usr.sbin/tzsetup/tzsetup.c
==============================================================================
--- stable/11/usr.sbin/tzsetup/tzsetup.c Mon Sep 3 06:36:28 2018 (r338439)
+++ stable/11/usr.sbin/tzsetup/tzsetup.c Mon Sep 3 06:55:38 2018 (r338440)
@@ -481,7 +481,7 @@ read_zones(void)
char contbuf[16];
FILE *fp;
struct continent *cont;
- size_t len;
+ size_t len, contlen;
char *line, *tlc, *file, *descr, *p;
int lineno;
@@ -504,12 +504,16 @@ read_zones(void)
path_zonetab, lineno, tlc);
/* coord = */ strsep(&line, "\t"); /* Unused */
file = strsep(&line, "\t");
+ /* get continent portion from continent/country */
p = strchr(file, '/');
if (p == NULL)
errx(1, "%s:%d: invalid zone name `%s'", path_zonetab,
lineno, file);
- contbuf[0] = '\0';
- strncat(contbuf, file, p - file);
+ contlen = p - file + 1; /* trailing nul */
+ if (contlen > sizeof(contbuf))
+ errx(1, "%s:%d: continent name in zone name `%s' too long",
+ path_zonetab, lineno, file);
+ strlcpy(contbuf, file, contlen);
cont = find_continent(contbuf);
if (!cont)
errx(1, "%s:%d: invalid region `%s'", path_zonetab,
More information about the svn-src-all
mailing list