On Wed, Aug 27, 2014 at 5:28 PM, Alan wrote:
> I can't prove the case pointed out in
> https://bugzilla.kernel.org/show_bug.cgi?id=82341
> is correct so let us play safe.
>
> Signed-off-by: Alan Cox
> ---
> arch/um/os-Linux/drivers/ethertap_user.c |2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/arch/um/os-Linux/drivers/ethertap_user.c
> b/arch/um/os-Linux/drivers/ethertap_user.c
> index b39b669..6d49182 100644
> --- a/arch/um/os-Linux/drivers/ethertap_user.c
> +++ b/arch/um/os-Linux/drivers/ethertap_user.c
> @@ -105,7 +105,7 @@ static int etap_tramp(char *dev, char *gate, int
> control_me,
> sprintf(data_fd_buf, "%d", data_remote);
> sprintf(version_buf, "%d", UML_NET_VERSION);
> if (gate != NULL) {
> - strcpy(gate_buf, gate);
> + strncpy(gate_buf, gate, 15);
This will copy at most 15 bytes.
If "gate" contains 15 or more characters, gate_buf[] won't be
zero-terminated.
I think you better use strlcpy(), unless the remaining of the buffer
must be filled with zeroes.
Gr{oetje,eeting}s,
Geert
--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- ge...@linux-m68k.org
In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
-- Linus Torvalds
--
Slashdot TV.
Video for Nerds. Stuff that matters.
http://tv.slashdot.org/
___
User-mode-linux-devel mailing list
User-mode-linux-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel
