svn commit: r298337 - head/sys/dev/pty
Conrad E. Meyer
cem at FreeBSD.org
Wed Apr 20 04:50:34 UTC 2016
Author: cem
Date: Wed Apr 20 04:50:33 2016
New Revision: 298337
URL: https://svnweb.freebsd.org/changeset/base/298337
Log:
pty(4): Use strlcpy to guarantee destination buffer isn't overrun
The devtoname() name is strcpyed into a small stack buffer. Sure, we always
expect the name to be ttyXX (or ptyXX). If that's the case, strlcpy() doesn't
hurt.
Reported by: Coverity
CID: 1006768
Sponsored by: EMC / Isilon Storage Division
Modified:
head/sys/dev/pty/pty.c
Modified: head/sys/dev/pty/pty.c
==============================================================================
--- head/sys/dev/pty/pty.c Wed Apr 20 04:45:23 2016 (r298336)
+++ head/sys/dev/pty/pty.c Wed Apr 20 04:50:33 2016 (r298337)
@@ -67,7 +67,7 @@ ptydev_fdopen(struct cdev *dev, int ffla
return (EBUSY);
/* Generate device name and create PTY. */
- strcpy(name, devtoname(dev));
+ strlcpy(name, devtoname(dev), sizeof(name));
name[0] = 't';
error = pts_alloc_external(fflags & (FREAD|FWRITE), td, fp, dev, name);
More information about the svn-src-head
mailing list