2010-08-27 Joel Sherrill <joel.sherrill@oarcorp.com>

* libcsupport/src/ctermid.c: Add comment explaining that this use of strcpy() is a potential buffer overrun but because the API does not provide a way to know the length of the user provided buffer, there is nothing we can do about it.
2010-08-27 18:06:46 +00:00
parent 57cdf005bc
commit e78b10bd27
2 changed files with 12 additions and 0 deletions
--- a/cpukit/ChangeLog
+++ b/cpukit/ChangeLog
@@ -1,3 +1,10 @@
+2010-08-27	Joel Sherrill <joel.sherrill@oarcorp.com>
+
+	* libcsupport/src/ctermid.c: Add comment explaining that this use of
+	strcpy() is a potential buffer overrun but because the API does not
+	provide a way to know the length of the user provided buffer, there
+	is nothing we can do about it.
+
 2010-08-27	Joel Sherrill <joel.sherrill@oarcorp.com>

 	* libmisc/shell/main_date.c: Use snprintf() not sprintf().
--- a/cpukit/libcsupport/src/ctermid.c
+++ b/cpukit/libcsupport/src/ctermid.c
@@ -30,6 +30,11 @@ char *ctermid(
  if ( !s )
    return ctermid_name;

+  /*
+   *  We have no way of knowing the length of the user provided buffer.
+   *  It may not be large enough but there is no way to know that. :(
+   *  So this is a potential buffer owerrun that we can do nothing about.
+   */
  strcpy( s, ctermid_name );
  return s;
 }