upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-05-28 04:12:45 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix a buffer overflow by using strncpy() instead of strcpy().

Browse source 
Also, use strdup() instead of malloc()/strcpy().

PR:		64164
This commit is contained in:
David Schultz 2004-09-19 20:34:30 +00:00
parent 3d634dba70
commit c4c326cf1d
1 changed files with 4 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
usr.bin/indent/args.c
View file

@ -49,6 +49,7 @@ __FBSDID("$FreeBSD$");
#include <ctype.h>
#include <err.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@ -171,10 +172,10 @@ void
set_profile(void)
{
FILE *f;
char fname[BUFSIZ];
char fname[PATH_MAX];
static char prof[] = ".indent.pro";
sprintf(fname, "%s/%s", getenv("HOME"), prof);
snprintf(fname, sizeof(fname), "%s/%s", getenv("HOME"), prof);
if ((f = fopen(option_source = fname, "r")) != NULL) {
scan_profile(f);
(void) fclose(f);
@ -288,10 +289,9 @@ found:
if (*param_start == 0)
goto need_param;
{
char *str = (char *) malloc(strlen(param_start) + 1);
char *str = strdup(param_start);
if (str == NULL)
err(1, NULL);
strcpy(str, param_start);
addkey(str, 4);
}
break;