system/2905: sbin/fsck/fsutil.c fixes

From: Frank Denis <j(at)pureftpd.org>
Date: Sun Aug 25 2002 - 04:15:00 EDT

>Number: 2905
>Category: system
>Synopsis: sbin/fsck/fsutil.c fixes
>Confidential: no

	System      : OpenBSD 3.1
	Architecture: OpenBSD.i386
	Machine     : i386

>Description:

• Use MAXPATHLEN, not an arbitrary value (32) for the raw device buffer
• strcpy/strcat() -> strlcpy/strlcat()
• Use memmove() to copy overlapping regions, not strcpy()
• 0 -> NULL

>How-To-Repeat:

-
>Fix:

--- sbin/fsck/fsutil.c	Thu Jul  4 00:32:10 2002
+++ sbin/fsck/fsutil.c.new	Sun Aug 25 10:06:03 2002

@@ -47,6 +47,7 @@  

 #include 
 #include 
+#include 
 

 #include "fsutil.h"  

@@ -151,7 +152,7 @@

 	char *dp;
 	struct stat stb;
 
-	if ((dp = strrchr(name, '/')) == 0)
+	if ((dp = strrchr(name, '/')) == NULL)
 		return (name);
 	if (stat(name, &stb) < 0)
 		return (name);
@@ -159,23 +160,23 @@
 		return (name);
 	if (dp[1] != 'r')
 		return (name);
-	(void)strcpy(&dp[1], &dp[2]);
+	(void)memmove(&dp[1], &dp[2], strlen(&dp[1]));
 	return (name);

 }  

 char *
 rawname(char *name)
 {

-	static char rawbuf[32];
+	static char rawbuf[MAXPATHLEN];
 	char *dp;
 
-	if ((dp = strrchr(name, '/')) == 0)
+	if ((dp = strrchr(name, '/')) == NULL)
 		return (0);
 	*dp = 0;
-	(void)strcpy(rawbuf, name);
+	(void)strlcpy(rawbuf, name, sizeof rawbuf);
 	*dp = '/';
-	(void)strcat(rawbuf, "/r");
-	(void)strcat(rawbuf, &dp[1]);
+	(void)strlcat(rawbuf, "/r", sizeof rawbuf);
+	(void)strlcat(rawbuf, &dp[1], sizeof rawbuf);
 	return (rawbuf);

 }

>Release-Note:
Received on Thu Nov 7 16:09:42 2002