RTOS/rtems
1
0
Fork 0
forked from Imagelibrary/rtems
Code Pull Requests Activity

2010-08-27 Joel Sherrill <joel.sherrill@oarcorp.com>

Browse Source 
* libcsupport/src/ctermid.c: Add comment explaining that this use of
	strcpy() is a potential buffer overrun but because the API does not
	provide a way to know the length of the user provided buffer, there
	is nothing we can do about it.
This commit is contained in:
Joel Sherrill
2010-08-27 18:06:46 +00:00
parent 57cdf005bc
commit e78b10bd27
2 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
cpukit/ChangeLog
View File

@@ -1,3 +1,10 @@
2010-08-27 Joel Sherrill <joel.sherrill@oarcorp.com>
* libcsupport/src/ctermid.c: Add comment explaining that this use of
strcpy() is a potential buffer overrun but because the API does not
provide a way to know the length of the user provided buffer, there
is nothing we can do about it.
2010-08-27 Joel Sherrill <joel.sherrill@oarcorp.com> 2010-08-27 Joel Sherrill <joel.sherrill@oarcorp.com>
* libmisc/shell/main_date.c: Use snprintf() not sprintf(). * libmisc/shell/main_date.c: Use snprintf() not sprintf().

5
cpukit/libcsupport/src/ctermid.c
View File

@@ -30,6 +30,11 @@ char *ctermid(
if ( !s ) if ( !s )
return ctermid_name; return ctermid_name;
/*
* We have no way of knowing the length of the user provided buffer.
* It may not be large enough but there is no way to know that. :(
* So this is a potential buffer owerrun that we can do nothing about.
*/
strcpy( s, ctermid_name ); strcpy( s, ctermid_name );
return s; return s;
} }