Page MenuHomeFreeBSD
Differential D16595

Always terminate string with nul.
ClosedPublic
Actions

Authored by delphij on Aug 5 2018, 6:04 AM.
Tags
None
Referenced Files
F82868548: D16595.id46306.diff
Fri, May 3, 9:28 AM
Unknown Object (File)
Tue, Apr 30, 12:50 AM
Unknown Object (File)
Mar 30 2024, 5:34 PM
Unknown Object (File)
Mar 11 2024, 3:34 PM
Unknown Object (File)
Mar 5 2024, 12:42 AM
Unknown Object (File)
Dec 30 2023, 11:13 PM
Unknown Object (File)
Dec 20 2023, 9:18 PM
Unknown Object (File)
Dec 20 2023, 1:50 AM
View All 36 Files
Subscribers
imp

Details

Reviewers
wollman
emaste
imp
Commits
rS338441: MFC r337522:
rS338440: MFC r337522:
rS337522: In read_zones(), check if the file name actually fit in the buffer
Summary

In read_zones(), check if the file name actually fit in the buffer
and make sure it would fit with strlcpy().

Test Plan

run tzsetup

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Passed
Unit
No Test Coverage
Build Status
Buildable 18595
Build 18286: arc lint + arc unit

Event Timeline

delphij created this revision.Aug 5 2018, 6:04 AM
Herald added a subscriber: imp. · View Herald TranscriptAug 5 2018, 6:04 AM
Harbormaster completed remote builds in B18591: Diff 46306.Aug 5 2018, 6:04 AM
imp added a comment.Aug 5 2018, 9:36 AM

Seems fine. Normally, these files aren't in the control of users...

usr.sbin/tzsetup/tzsetup.c
481

16 is very short...

516

stylistically, sizeof(contbuf) is better here. practically, it woudln't matter.

imp accepted this revision.Aug 5 2018, 9:37 AM
This revision is now accepted and ready to land.Aug 5 2018, 9:37 AM
imp added a comment.Aug 5 2018, 9:37 AM

And is there still an upstream for these files?

delphij updated this revision to Diff 46314.Aug 5 2018, 5:09 PM
delphij marked an inline comment as done.

Clarify the code.

This revision now requires review to proceed.Aug 5 2018, 5:09 PM
Harbormaster completed remote builds in B18595: Diff 46314.Aug 5 2018, 5:09 PM
delphij added inline comments.Aug 5 2018, 5:10 PM
usr.sbin/tzsetup/tzsetup.c
516

I think the intention was to copy until '/' (e.g. for Europe/Andorra, the goal is to copy "Europe").

Now I realized that 'filelen' is a poor name so I have revised the code to make it more clear.

delphij marked an inline comment as done.Aug 5 2018, 5:15 PM
In D16595#352569, @imp wrote:

Normally, these files aren't in the control of users...

Yes this is not intended as a security fix.

In D16595#352574, @imp wrote:

And is there still an upstream for these files?

I think this is FreeBSD specific code and there was no upstream so we are probably the ultimate upstream.

This revision was not accepted when it landed; it landed in state Needs Review.Aug 9 2018, 2:47 AM
Closed by commit rS337522: In read_zones(), check if the file name actually fit in the buffer (authored by delphij). · Explain Why
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

PathSize
usr.sbin/
tzsetup/
10 lines

Diff 46314

View Options

usr.sbin/tzsetup/tzsetup.c

Loading...