The following commit has been merged in the openafs-stable-1_6_x branch:
commit d2d749ec0c656d6e4c595a5f8c93b164a6cf911b
Author: Simon Wilkinson <[email protected]>
Date: Fri Mar 8 16:15:51 2013 +0000
bos: Remove theoretical overflow in DateOf
DateOf copies the results of ctime into a static buffer. Typically
ctime will return a 26 byte string, but if you pass it a year larger
than 9999 (which we shouldn't), you can get a 32 (or more) byte string.
Get rid of this unlikely event by using strlcpy for the copy. We already
truncate at 24 bytes when we remove the \n, so this shouldn't cause any
further problems.
Really, this whole thing should be rewritten to use strftime.
Caught by coverity (#985776)
Reviewed-on: http://gerrit.openafs.org/9551
Reviewed-by: Derrick Brashear <[email protected]>
Reviewed-by: Jeffrey Altman <[email protected]>
Tested-by: BuildBot <[email protected]>
(cherry picked from commit 8b76110e23160e33716234f9560d22ca5275cb0a)
Change-Id: I47bdadf0159c12d747040765d28e6e8908678fd1
Reviewed-on: http://gerrit.openafs.org/10862
Tested-by: BuildBot <[email protected]>
Reviewed-by: Jeffrey Altman <[email protected]>
Reviewed-by: Michael Meffie <[email protected]>
Reviewed-by: Andrew Deason <[email protected]>
Reviewed-by: Stephan Wiesand <[email protected]>
src/bozo/bos.c | 7 +++----
1 files changed, 3 insertions(+), 4 deletions(-)
--
OpenAFS Master Repository
_______________________________________________
OpenAFS-cvs mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-cvs
