diff options
author | Joel Sherrill <joel@rtems.org> | 2018-08-21 10:32:48 -0500 |
---|---|---|
committer | Joel Sherrill <joel@rtems.org> | 2018-08-29 12:52:08 -0500 |
commit | 14a218fd20a5e1a449d6305836d147a5e3e40eea (patch) | |
tree | f14af5cd508e8dde7459a7bac7271fd0588bd537 /cpukit/telnetd/pty.c | |
parent | bsps/m68k/shared/cache/cache.h: Fix warnings and clean up (diff) | |
download | rtems-14a218fd20a5e1a449d6305836d147a5e3e40eea.tar.bz2 |
cpukit/telnetd/pty.c: Fix format overflow warning on sprintf()
cpukit/telnetd/pty.c:436:47: warning: '%X' directive writing between
1 and 8 bytes into a region of size 3 [-Wformat-overflow=]
The devname area was malloc'ed. Now it is statically allocated and
sufficiently large to account for the potential buffer overflow.
Diffstat (limited to '')
-rw-r--r-- | cpukit/telnetd/pty.c | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/cpukit/telnetd/pty.c b/cpukit/telnetd/pty.c index 14d688018f..3c511f9e98 100644 --- a/cpukit/telnetd/pty.c +++ b/cpukit/telnetd/pty.c @@ -71,7 +71,7 @@ struct pty_tt; typedef struct pty_tt pty_t; struct pty_tt { - char *devname; + char devname[17]; struct rtems_termios_tty *ttyp; tcflag_t c_cflag; int opened; @@ -432,8 +432,8 @@ rtems_device_driver my_pty_initialize( */ for (ndx=0;ndx<rtems_telnetd_maximum_ptys;ndx++) { - telnet_ptys[ndx].devname = (char*)malloc(strlen("/dev/ptyXX")+1); - sprintf(telnet_ptys[ndx].devname,"/dev/pty%X",ndx); + /* devname is included in the structure */ + sprintf(telnet_ptys[ndx].devname,"/dev/pty%02X",ndx); telnet_ptys[ndx].ttyp = NULL; telnet_ptys[ndx].c_cflag = CS8|B9600; telnet_ptys[ndx].socket = -1; @@ -491,8 +491,9 @@ static int pty_do_finalize(void) status = (rtems_status_code)unlink(telnet_ptys[ndx].devname); if (status != RTEMS_SUCCESSFUL) perror("removing pty device node from file system"); - else - free(telnet_ptys[ndx].devname); + else { + telnet_ptys[ndx].devname[0] = '\0'; + } }; free ( telnet_ptys ); |