[src/trunk]: src/usr.sbin/sysinst add a size_t len to get_iso9660_volname() s...

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/trunk]: src/usr.sbin/sysinst add a size_t len to get_iso9660_volname() s...
From: mrg <mrg%NetBSD.org@localhost>
Date: Sat, 19 Oct 2019 21:14:52 +0000

details:   https://anonhg.NetBSD.org/src/rev/441ad9eb1e87
branches:  trunk
changeset: 460031:441ad9eb1e87
user:      mrg <mrg%NetBSD.org@localhost>
date:      Fri Oct 04 21:36:02 2019 +0000

description:
add a size_t len to get_iso9660_volname() so it can properly do
bounds checking.

ok martin@

diffstat:

 usr.sbin/sysinst/util.c |  15 +++++++++------
 1 files changed, 9 insertions(+), 6 deletions(-)

diffs (50 lines):

diff -r a96cfbca72a7 -r 441ad9eb1e87 usr.sbin/sysinst/util.c
--- a/usr.sbin/sysinst/util.c   Fri Oct 04 21:33:57 2019 +0000
+++ b/usr.sbin/sysinst/util.c   Fri Oct 04 21:36:02 2019 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: util.c,v 1.33 2019/10/02 11:16:04 maya Exp $   */
+/*     $NetBSD: util.c,v 1.34 2019/10/04 21:36:02 mrg Exp $    */
 
 /*
  * Copyright 1997 Piermont Information Systems Inc.
@@ -171,7 +171,8 @@
  */
 
 static int check_for(unsigned int mode, const char *pathname);
-static int get_iso9660_volname(int dev, int sess, char *volname);
+static int get_iso9660_volname(int dev, int sess, char *volname,
+               size_t volnamelen);
 static int get_available_cds(void);
 static int binary_available(const char *prog);
 
@@ -377,7 +378,7 @@
  * Get the volume name of a ISO9660 file system
  */
 static int
-get_iso9660_volname(int dev, int sess, char *volname)
+get_iso9660_volname(int dev, int sess, char *volname, size_t volnamelen)
 {
        int blkno, error, last;
        char buf[ISO_BLKSIZE];
@@ -394,8 +395,9 @@
                if (isonum_711((const unsigned char *)&vd->type)
                     == ISO_VD_PRIMARY) {
                        pd = (struct iso_primary_descriptor*)buf;
-                       strncpy(volname, pd->volume_id, sizeof pd->volume_id);
-                       last = sizeof pd->volume_id-1;
+                       strncpy(volname, pd->volume_id, volnamelen - 1);
+                       volname[volnamelen - 1] = '\0';
+                       last = volnamelen - 1;
                        while (last >= 0
                            && (volname[last] == ' ' || volname[last] == 0))
                                last--;
@@ -456,7 +458,8 @@
                        dev = open(dname, O_RDONLY, 0);
                        if (dev == -1)
                                continue;
-                       error = get_iso9660_volname(dev, sess, volname);
+                       error = get_iso9660_volname(dev, sess, volname,
+                           sizeof volname);
                        close(dev);
                        if (error)
                                continue;

Prev by Date: [src/trunk]: src/usr.sbin/sup/source convert most sprintf() to snprintf().
Next by Date: [src/trunk]: src/share/man/man9 panic.9: add xrefs to printf(3) and printf(9)
Previous by Thread: [src/trunk]: src/usr.sbin/sup/source convert most sprintf() to snprintf().
Next by Thread: [src/trunk]: src/share/man/man9 panic.9: add xrefs to printf(3) and printf(9)
Indexes:

Home | Main Index | Thread Index | Old Index