2010-08-27 Joel Sherrill <joel.sherrill@oarcorp.com>

* libcsupport/src/ctermid.c: Add comment explaining that this use of strcpy() is a potential buffer overrun but because the API does not provide a way to know the length of the user provided buffer, there is nothing we can do about it.
author: Joel Sherrill <joel.sherrill@OARcorp.com> 2010-08-27 18:06:46 +0000
committer: Joel Sherrill <joel.sherrill@OARcorp.com> 2010-08-27 18:06:46 +0000
commit: e78b10bd27cc4663ea68a6bd11e512354115c8f7 (patch)
tree: e1044d510480236d85766e68d664c53bde31423b /cpukit/libcsupport/src/ctermid.c
parent: 2010-08-27 Joel Sherrill <joel.sherrill@oarcorp.com> (diff)
download: rtems-e78b10bd27cc4663ea68a6bd11e512354115c8f7.tar.bz2
1 files changed, 5 insertions, 0 deletions
diff --git a/cpukit/libcsupport/src/ctermid.c b/cpukit/libcsupport/src/ctermid.c
index f0e2310fea..6127d662ed 100644
--- a/cpukit/libcsupport/src/ctermid.c
+++ b/cpukit/libcsupport/src/ctermid.c
@@ -30,6 +30,11 @@ char *ctermid(
   if ( !s )
     return ctermid_name;
 
+  /*
+   *  We have no way of knowing the length of the user provided buffer.
+   *  It may not be large enough but there is no way to know that. :(
+   *  So this is a potential buffer owerrun that we can do nothing about.
+   */
   strcpy( s, ctermid_name );
   return s;
 }
author	Joel Sherrill <joel.sherrill@OARcorp.com>	2010-08-27 18:06:46 +0000
committer	Joel Sherrill <joel.sherrill@OARcorp.com>	2010-08-27 18:06:46 +0000
commit	e78b10bd27cc4663ea68a6bd11e512354115c8f7 (patch)
tree	e1044d510480236d85766e68d664c53bde31423b /cpukit/libcsupport/src/ctermid.c
parent	2010-08-27 Joel Sherrill <joel.sherrill@oarcorp.com> (diff)
download	rtems-e78b10bd27cc4663ea68a6bd11e512354115c8f7.tar.bz2