svn commit: r318143 - head/usr.sbin/pw
Warner Losh
imp at bsdimp.com
Wed May 10 16:19:23 UTC 2017
Again, this is wrong. -DNDEBUG makes this a nop.
Warner.
On Wed, May 10, 2017 at 9:38 AM, Alan Somers <asomers at freebsd.org> wrote:
> Author: asomers
> Date: Wed May 10 15:38:06 2017
> New Revision: 318143
> URL: https://svnweb.freebsd.org/changeset/base/318143
>
> Log:
> strcpy => strlcpy
>
> Reported by: Coverity
> CID: 1006715
> MFC after: 3 weeks
> Sponsored by: Spectra Logic Corp
>
> Modified:
> head/usr.sbin/pw/pw_user.c
>
> Modified: head/usr.sbin/pw/pw_user.c
> ==============================================================================
> --- head/usr.sbin/pw/pw_user.c Wed May 10 15:35:41 2017 (r318142)
> +++ head/usr.sbin/pw/pw_user.c Wed May 10 15:38:06 2017 (r318143)
> @@ -33,6 +33,7 @@ static const char rcsid[] =
> #include <sys/param.h>
> #include <sys/types.h>
>
> +#include <assert.h>
> #include <ctype.h>
> #include <dirent.h>
> #include <err.h>
> @@ -501,7 +502,8 @@ pw_pwcrypt(char *password)
> cryptpw = crypt(password, salt);
> if (cryptpw == NULL)
> errx(EX_CONFIG, "crypt(3) failure");
> - return strcpy(buf, cryptpw);
> + assert(strlcpy(buf, cryptpw, sizeof(buf)) < sizeof(buf));
> + return (buf);
> }
>
> static char *
>
More information about the svn-src-head
mailing list