DragonFly BSD
DragonFly commits List (threaded) for 2004-03
[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]

Re: cvs commit: src/sbin/ifconfig ifconfig.c


From: Brooks Davis <brooks@xxxxxxxxxxxxxxxxxx>
Date: Tue, 16 Mar 2004 21:36:47 -0800

On Tue, Mar 16, 2004 at 06:18:23PM -0800, Matthew Dillon wrote:
> dillon      2004/03/16 18:18:23 PST
> 
> DragonFly src repository
> 
>   Modified files:
>     sbin/ifconfig        ifconfig.c 
>   Log:
>   An strlcpy() in the last commit was unconditionally overwriting 'name'
>   in the sysctl sdl scan, causing all ifconfig commands to always operate
>   on the first interface.

Unless you have changed the symantics of sdl_data to nul terminate the
name, you should apply rev 1.94 from FreeBSD to this code.  It was
pointed out to me that strlcpy isn't safe here because it scans the
source until it hits a null.  In practice, this probalby doesn't matter,
but in principle it could cause you to walk off into empty space.

-- Brooks

-- 
Any statement of the form "X is the one, true Y" is FALSE.
PGP fingerprint 655D 519C 26A7 82E7 2529  9BF0 5D8E 8BE9 F238 1AD4

Attachment: pgp00000.pgp
Description: PGP signature



[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]