diff options
author | Joel Sherrill <joel.sherrill@OARcorp.com> | 2010-08-27 18:06:46 +0000 |
---|---|---|
committer | Joel Sherrill <joel.sherrill@OARcorp.com> | 2010-08-27 18:06:46 +0000 |
commit | e78b10bd27cc4663ea68a6bd11e512354115c8f7 (patch) | |
tree | e1044d510480236d85766e68d664c53bde31423b /cpukit | |
parent | 2010-08-27 Joel Sherrill <joel.sherrill@oarcorp.com> (diff) | |
download | rtems-e78b10bd27cc4663ea68a6bd11e512354115c8f7.tar.bz2 |
2010-08-27 Joel Sherrill <joel.sherrill@oarcorp.com>
* libcsupport/src/ctermid.c: Add comment explaining that this use of
strcpy() is a potential buffer overrun but because the API does not
provide a way to know the length of the user provided buffer, there
is nothing we can do about it.
Diffstat (limited to 'cpukit')
-rw-r--r-- | cpukit/ChangeLog | 7 | ||||
-rw-r--r-- | cpukit/libcsupport/src/ctermid.c | 5 |
2 files changed, 12 insertions, 0 deletions
diff --git a/cpukit/ChangeLog b/cpukit/ChangeLog index c3489e73db..b7260d6c06 100644 --- a/cpukit/ChangeLog +++ b/cpukit/ChangeLog @@ -1,5 +1,12 @@ 2010-08-27 Joel Sherrill <joel.sherrill@oarcorp.com> + * libcsupport/src/ctermid.c: Add comment explaining that this use of + strcpy() is a potential buffer overrun but because the API does not + provide a way to know the length of the user provided buffer, there + is nothing we can do about it. + +2010-08-27 Joel Sherrill <joel.sherrill@oarcorp.com> + * libmisc/shell/main_date.c: Use snprintf() not sprintf(). 2010-08-27 Joel Sherrill <joel.sherrilL@OARcorp.com> diff --git a/cpukit/libcsupport/src/ctermid.c b/cpukit/libcsupport/src/ctermid.c index f0e2310fea..6127d662ed 100644 --- a/cpukit/libcsupport/src/ctermid.c +++ b/cpukit/libcsupport/src/ctermid.c @@ -30,6 +30,11 @@ char *ctermid( if ( !s ) return ctermid_name; + /* + * We have no way of knowing the length of the user provided buffer. + * It may not be large enough but there is no way to know that. :( + * So this is a potential buffer owerrun that we can do nothing about. + */ strcpy( s, ctermid_name ); return s; } |