projects / freebsd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 685228f) | patch
restore(8): Prevent some heap overflows
authorcem <cem@FreeBSD.org>
Fri, 14 Apr 2017 00:14:40 +0000 (00:14 +0000)
committercem <cem@FreeBSD.org>
Fri, 14 Apr 2017 00:14:40 +0000 (00:14 +0000)
commitf26377444897b598d9b59f9045d0eb4683805b4e
treebdf7dca60d97fa6cc00b407ca2af483e8d352670tree | snapshot
parent685228f3659e80e2dfc0559ad6eac5abe9bd34a0commit | diff
restore(8): Prevent some heap overflows

The environment variable TMPDIR was copied unchecked into a fixed-size heap
buffer.  Use a length-limiting snprintf in place of ordinary sprintf to
prevent the overflow.  Long TMPDIR variables can still cause odd truncated
filenames, which may be undesirable.

Reported by: Coverity (CWE-120)
CIDs: 1006706, 1006707
Sponsored by: Dell EMC Isilon
sbin/restore/dirs.c diff | blob | blame | history
FreeBSD Project Source