From e78b10bd27cc4663ea68a6bd11e512354115c8f7 Mon Sep 17 00:00:00 2001
From: Joel Sherrill
Date: Fri, 27 Aug 2010 18:06:46 +0000
Subject: 2010-08-27 Joel Sherrill * libcsupport/src/ctermid.c: Add comment explaining that this use of strcpy() is a potential buffer overrun but because the API does not provide a way to know the length of the user provided buffer, there is nothing we can do about it.
---
cpukit/libcsupport/src/ctermid.c | 5 +++++
1 file changed, 5 insertions(+)
(limited to 'cpukit/libcsupport/src/ctermid.c')
diff --git a/cpukit/libcsupport/src/ctermid.c b/cpukit/libcsupport/src/ctermid.c
index f0e2310fea..6127d662ed 100644
--- a/cpukit/libcsupport/src/ctermid.c
+++ b/cpukit/libcsupport/src/ctermid.c
@@ -30,6 +30,11 @@ char *ctermid(
 if ( !s )
 return ctermid_name;
+ /*
+ * We have no way of knowing the length of the user provided buffer.
+ * It may not be large enough but there is no way to know that. :(
+ * So this is a potential buffer owerrun that we can do nothing about.
+ */
 strcpy( s, ctermid_name );
 return s;
 }
-- 
cgit v1.2.3
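Review bot: The new comment above `strcpy( s, ctermid_name );` says nothing can be done about the overrun, but it leaves out the contract that bounds it: POSIX specifies that a non-NULL `s` is assumed to point to an array of at least `L_ctermid` bytes. The comment should state that caller obligation, for example `* POSIX requires the caller to supply at least L_ctermid bytes, so the copy is safe only under that contract.` What the implementation can still guarantee is its own side of the contract: the definition of `ctermid_name` is outside this hunk, so it should be confirmed, ideally with a compile-time check, that the string plus its terminator fits within `L_ctermid`. The comment also misspells "overrun" as "owerrun". The body of ctermid() starts above the hunk, so only the lines shown were reviewed.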