From: "Michael Büsch" <m@bues.ch>
To: b43-dev@lists.infradead.org
Subject: bcm43xx-fwcutter bug report
Date: Wed, 23 Apr 2014 16:21:49 +0200 [thread overview]
Message-ID: <20140423162149.3573beb5@wiggum> (raw)
In-Reply-To: <DUB130-W5FA86F300757E1CF667AB9C580@phx.gbl>
On Wed, 23 Apr 2014 12:53:02 +0000
David Binderman <dcb314@hotmail.com> wrote:
> [fwcutter.c:497]: (error) Dangerous usage of 'shortname' (strncpy doesn't always null-terminate it).
>
> Source code is
>
> ??? if (strlen(file->name)> 20) {
> ??????? strncpy(shortname, file->name, 18);
> ??????? snprintf(filename, sizeof(filename), "%s..", shortname);
> ??? } else
> ??????? strcpy (filename, file->name);
Please upgrade to a non-ancient version of fwcutter.
http://bues.ch/b43/fwcutter/
Current versions do this:
> if (strlen(file->name) > 20) {
> strncpy(shortname, file->name, 20);
> shortname[20] = '\0';
> snprintf(filename, sizeof(filename), "%s..", shortname);
> } else
> strcpy (filename, file->name);
--
Michael.
----
Please use PGP/GPG encryption.
Key-ID: F532BE1D908D8B0E
--------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/b43-dev/attachments/20140423/ed094624/attachment.sig>
prev parent reply other threads:[~2014-04-23 14:21 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-04-23 12:53 bcm43xx-fwcutter bug report David Binderman
2014-04-23 14:21 ` Michael Büsch [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140423162149.3573beb5@wiggum \
--to=m@bues.ch \
--cc=b43-dev@lists.infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).