diff options
| author | asomers <asomers@FreeBSD.org> | 2015-06-09 19:41:16 +0000 |
|---|---|---|
| committer | asomers <asomers@FreeBSD.org> | 2015-06-09 19:41:16 +0000 |
| commit | fe9825745fcfd8a9662704e611007570a1ca1387 (patch) | |
| tree | 67e600e04ff5273088ba60a0ff5e0ab0cb2c26cc | |
| parent | 1e1007b43a9b2b1c1946d7523093ca25dab3707a (diff) | |
| download | FreeBSD-src-fe9825745fcfd8a9662704e611007570a1ca1387.zip FreeBSD-src-fe9825745fcfd8a9662704e611007570a1ca1387.tar.gz | |
MFC r283115
Properly null-terminate strings in a kernel dump header. A version string
longer than 192 bytes will cause the version field of a dump header to
overflow. strncpy doesn't null terminate it, so savecore will print a
corrupted info file. Using strlcpy fixes the bug.
| -rw-r--r-- | sys/kern/kern_shutdown.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/sys/kern/kern_shutdown.c b/sys/kern/kern_shutdown.c index be91a2d..f3b3c30 100644 --- a/sys/kern/kern_shutdown.c +++ b/sys/kern/kern_shutdown.c @@ -882,16 +882,16 @@ mkdumpheader(struct kerneldumpheader *kdh, char *magic, uint32_t archver, { bzero(kdh, sizeof(*kdh)); - strncpy(kdh->magic, magic, sizeof(kdh->magic)); - strncpy(kdh->architecture, MACHINE_ARCH, sizeof(kdh->architecture)); + strlcpy(kdh->magic, magic, sizeof(kdh->magic)); + strlcpy(kdh->architecture, MACHINE_ARCH, sizeof(kdh->architecture)); kdh->version = htod32(KERNELDUMPVERSION); kdh->architectureversion = htod32(archver); kdh->dumplength = htod64(dumplen); kdh->dumptime = htod64(time_second); kdh->blocksize = htod32(blksz); - strncpy(kdh->hostname, prison0.pr_hostname, sizeof(kdh->hostname)); - strncpy(kdh->versionstring, version, sizeof(kdh->versionstring)); + strlcpy(kdh->hostname, prison0.pr_hostname, sizeof(kdh->hostname)); + strlcpy(kdh->versionstring, version, sizeof(kdh->versionstring)); if (panicstr != NULL) - strncpy(kdh->panicstring, panicstr, sizeof(kdh->panicstring)); + strlcpy(kdh->panicstring, panicstr, sizeof(kdh->panicstring)); kdh->parity = kerneldump_parity(kdh); } |
