* bcm43xx-fwcutter bug report
@ 2014-04-23 12:53 David Binderman
2014-04-23 14:21 ` Michael Büsch
0 siblings, 1 reply; 2+ messages in thread
From: David Binderman @ 2014-04-23 12:53 UTC (permalink / raw)
To: b43-dev
Hello there,
[fwcutter.c:497]: (error) Dangerous usage of 'shortname' (strncpy doesn't always null-terminate it).
Source code is
??? if (strlen(file->name)> 20) {
??????? strncpy(shortname, file->name, 18);
??????? snprintf(filename, sizeof(filename), "%s..", shortname);
??? } else
??????? strcpy (filename, file->name);
Maybe better code
??? if (strlen(file->name)> 20) {
??????? strncpy(shortname, file->name, 18);
??????? shortname[18] = '\0';
??????? snprintf(filename, sizeof(filename), "%s..", shortname);
??? } else
??????? strcpy (filename, file->name);
Regards
David Binderman
^ permalink raw reply [flat|nested] 2+ messages in thread
* bcm43xx-fwcutter bug report
2014-04-23 12:53 bcm43xx-fwcutter bug report David Binderman
@ 2014-04-23 14:21 ` Michael Büsch
0 siblings, 0 replies; 2+ messages in thread
From: Michael Büsch @ 2014-04-23 14:21 UTC (permalink / raw)
To: b43-dev
On Wed, 23 Apr 2014 12:53:02 +0000
David Binderman <dcb314@hotmail.com> wrote:
> [fwcutter.c:497]: (error) Dangerous usage of 'shortname' (strncpy doesn't always null-terminate it).
>
> Source code is
>
> ??? if (strlen(file->name)> 20) {
> ??????? strncpy(shortname, file->name, 18);
> ??????? snprintf(filename, sizeof(filename), "%s..", shortname);
> ??? } else
> ??????? strcpy (filename, file->name);
Please upgrade to a non-ancient version of fwcutter.
http://bues.ch/b43/fwcutter/
Current versions do this:
> if (strlen(file->name) > 20) {
> strncpy(shortname, file->name, 20);
> shortname[20] = '\0';
> snprintf(filename, sizeof(filename), "%s..", shortname);
> } else
> strcpy (filename, file->name);
--
Michael.
----
Please use PGP/GPG encryption.
Key-ID: F532BE1D908D8B0E
--------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/b43-dev/attachments/20140423/ed094624/attachment.sig>
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2014-04-23 14:21 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-04-23 12:53 bcm43xx-fwcutter bug report David Binderman
2014-04-23 14:21 ` Michael Büsch
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox