2010-08-27 Joel Sherrill <joel.sherrill@oarcorp.com>

	* libcsupport/src/ctermid.c: Add comment explaining that this use of
	strcpy() is a potential buffer overrun but because the API does not
	provide a way to know the length of the user provided buffer, there
	is nothing we can do about it.

2 files changed, 12 insertions, 0 deletions

diff --git a/cpukit/ChangeLog b/cpukit/ChangeLog
index c3489e73db..b7260d6c06 100644
--- a/cpukit/ChangeLog
+++ b/cpukit/ChangeLog
@@ -1,5 +1,12 @@
 2010-08-27	Joel Sherrill <joel.sherrill@oarcorp.com>
 
+	* libcsupport/src/ctermid.c: Add comment explaining that this use of
+	strcpy() is a potential buffer overrun but because the API does not
+	provide a way to know the length of the user provided buffer, there
+	is nothing we can do about it.
+
+2010-08-27	Joel Sherrill <joel.sherrill@oarcorp.com>
+
 	* libmisc/shell/main_date.c: Use snprintf() not sprintf().
 
 2010-08-27	Joel Sherrill <joel.sherrilL@OARcorp.com>
diff --git a/cpukit/libcsupport/src/ctermid.c b/cpukit/libcsupport/src/ctermid.c
index f0e2310fea..6127d662ed 100644
--- a/cpukit/libcsupport/src/ctermid.c
+++ b/cpukit/libcsupport/src/ctermid.c
@@ -30,6 +30,11 @@ char *ctermid(
   if ( !s )
     return ctermid_name;
 
+  /*
+   *  We have no way of knowing the length of the user provided buffer.
+   *  It may not be large enough but there is no way to know that. :(
+   *  So this is a potential buffer owerrun that we can do nothing about.
+   */
   strcpy( s, ctermid_name );
   return s;
 }