1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-12-12 03:00:28 +00:00
freebsd-ports/net/mopd/files/patch-device.c
David E. O'Brien 8f7ba5aeb3 String paranoia and security fixes from OpenBSD: prevent a remote buffer
overflow and remote syslog() exploits.

Obtained from:	OpenBSD
2000-08-29 00:49:08 +00:00

39 lines
1.0 KiB
C

--- common/device.c 1996/09/21 13:49:16 1.1
+++ common/device.c 2000/02/20 17:45:33 1.4
@@ -111,7 +113,8 @@
{
struct if_info *p, tmp;
- strcpy(tmp.if_name,ifname);
+ strncpy(tmp.if_name,ifname,sizeof(tmp.if_name) - 1);
+ tmp.if_name[sizeof(tmp.if_name) - 1] = 0;
tmp.iopen = pfInit;
switch (proto) {
@@ -138,7 +141,8 @@
p->next = iflist;
iflist = p;
- strcpy(p->if_name,tmp.if_name);
+ strncpy(p->if_name,tmp.if_name, IFNAME_SIZE -1);
+ p->if_name[IFNAME_SIZE -1] = 0;
p->iopen = tmp.iopen;
p->write = pfWrite;
p->read = tmp.read;
@@ -185,12 +199,12 @@
if ((strlen(dev) == 2) &&
(dev[0] == 'e') &&
((dev[1] == 'n') || (dev[1] == 't'))) {
- sprintf(interface,"ent%d\0",unit);
+ snprintf(interface,sizeof(interface),"ent%d\0",unit);
} else {
- sprintf(interface,"%s%d\0",dev,unit);
+ snprintf(interface,sizeof(interface),"%s%d\0",dev,unit);
}
#else
- sprintf(interface,"%s",ifname);
+ snprintf(interface,sizeof(interface),"%s",ifname);
#endif /* _AIX */
/* Ok, init it just once */