-rw-r--r--cpukit/ChangeLog7
-rw-r--r--cpukit/libcsupport/src/ctermid.c5
2 files changed, 12 insertions, 0 deletions
diff --git a/cpukit/ChangeLog b/cpukit/ChangeLog
index c3489e73db..b7260d6c06 100644
--- a/cpukit/ChangeLog
+++ b/cpukit/ChangeLog
@@ -1,5 +1,12 @@
2010-08-27 Joel Sherrill <joel.sherrill@oarcorp.com>
+ * libcsupport/src/ctermid.c: Add comment explaining that this use of
+ strcpy() is a potential buffer overrun but because the API does not
+ provide a way to know the length of the user provided buffer, there
+ is nothing we can do about it.
+
+2010-08-27 Joel Sherrill <joel.sherrill@oarcorp.com>
+
* libmisc/shell/main_date.c: Use snprintf() not sprintf().
2010-08-27 Joel Sherrill <joel.sherrilL@OARcorp.com>
diff --git a/cpukit/libcsupport/src/ctermid.c b/cpukit/libcsupport/src/ctermid.c
index f0e2310fea..6127d662ed 100644
--- a/cpukit/libcsupport/src/ctermid.c
+++ b/cpukit/libcsupport/src/ctermid.c
@@ -30,6 +30,11 @@ char *ctermid(
if ( !s )
return ctermid_name;
+ /*
+ * We have no way of knowing the length of the user provided buffer.
+ * It may not be large enough but there is no way to know that. :(
+ * So this is a potential buffer owerrun that we can do nothing about.
+ */
strcpy( s, ctermid_name );
return s;
}
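Review bot: The added comment above `strcpy( s, ctermid_name );` says nothing can be done, but it leaves out the contract that bounds the copy: POSIX requires a non-NULL `s` to point to an array of at least `L_ctermid` bytes. I would reword it to something like `/* The caller must supply at least L_ctermid bytes (POSIX); we cannot verify that, so ctermid_name plus its NUL must never exceed L_ctermid. */`, which also removes the "owerrun" typo. The definition of `ctermid_name` is outside this hunk, so whether its length is already tied to `L_ctermid` cannot be confirmed from here. If it is a fixed string, a compile-time check of its size against `L_ctermid` would keep the implementation's side of the contract from silently breaking. The body of `ctermid` begins above the hunk.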