From e78b10bd27cc4663ea68a6bd11e512354115c8f7 Mon Sep 17 00:00:00 2001
From: Joel Sherrill <joel.sherrill@OARcorp.com>
Date: Fri, 27 Aug 2010 18:06:46 +0000
Subject: [PATCH] 2010-08-27	Joel Sherrill <joel.sherrill@oarcorp.com>

	* libcsupport/src/ctermid.c: Add comment explaining that this use of
	strcpy() is a potential buffer overrun but because the API does not
	provide a way to know the length of the user provided buffer, there
	is nothing we can do about it.
---
 cpukit/ChangeLog                 | 7 +++++++
 cpukit/libcsupport/src/ctermid.c | 5 +++++
 2 files changed, 12 insertions(+)

diff --git a/cpukit/ChangeLog b/cpukit/ChangeLog
index c3489e73db..b7260d6c06 100644
--- a/cpukit/ChangeLog
+++ b/cpukit/ChangeLog
@@ -1,3 +1,10 @@
+2010-08-27	Joel Sherrill <joel.sherrill@oarcorp.com>
+
+	* libcsupport/src/ctermid.c: Add comment explaining that this use of
+	strcpy() is a potential buffer overrun but because the API does not
+	provide a way to know the length of the user provided buffer, there
+	is nothing we can do about it.
+
 2010-08-27	Joel Sherrill <joel.sherrill@oarcorp.com>
 
 	* libmisc/shell/main_date.c: Use snprintf() not sprintf().
diff --git a/cpukit/libcsupport/src/ctermid.c b/cpukit/libcsupport/src/ctermid.c
index f0e2310fea..6127d662ed 100644
--- a/cpukit/libcsupport/src/ctermid.c
+++ b/cpukit/libcsupport/src/ctermid.c
@@ -30,6 +30,11 @@ char *ctermid(
   if ( !s )
     return ctermid_name;
 
+  /*
+   *  We have no way of knowing the length of the user provided buffer.
+   *  It may not be large enough but there is no way to know that. :(
+   *  So this is a potential buffer owerrun that we can do nothing about.
+   */
   strcpy( s, ctermid_name );
   return s;
 }