diff options
author | asomers <asomers@FreeBSD.org> | 2017-05-30 15:18:22 +0000 |
---|---|---|
committer | asomers <asomers@FreeBSD.org> | 2017-05-30 15:18:22 +0000 |
commit | de397ab94c0ae9b023ad4c6e02e762c52aaa9dc0 (patch) | |
tree | 4f69bf660d0d3e9fccd2e6fc9a705211204cad85 | |
parent | b9f957f3c6e4edf122f9327c5c610792ab2fbf19 (diff) | |
download | FreeBSD-src-de397ab94c0ae9b023ad4c6e02e762c52aaa9dc0.zip FreeBSD-src-de397ab94c0ae9b023ad4c6e02e762c52aaa9dc0.tar.gz |
MFC r318141, r318143-r318144
r318141:
strcpy => strlcpy
Reported by: Coverity
CID: 1352771
Sponsored by: Spectra Logic Corp
r318143:
strcpy => strlcpy
Reported by: Coverity
CID: 1006715
Sponsored by: Spectra Logic Corp
r318144:
Don't depend on assert(3) getting evaluated
Reported by: imp
X-MFC-With: 318141, 318143
Sponsored by: Spectra Logic Corp
-rw-r--r-- | usr.bin/mkuzip/mkuzip.c | 5 | ||||
-rw-r--r-- | usr.sbin/pw/pw_user.c | 6 |
2 files changed, 8 insertions, 3 deletions
diff --git a/usr.bin/mkuzip/mkuzip.c b/usr.bin/mkuzip/mkuzip.c index 6288f4e..1a78ae2 100644 --- a/usr.bin/mkuzip/mkuzip.c +++ b/usr.bin/mkuzip/mkuzip.c @@ -108,7 +108,7 @@ int main(int argc, char **argv) struct mkuz_conveyor *cvp; void *c_ctx; struct mkuz_blk_info *chit; - size_t ncpusz, ncpu; + size_t ncpusz, ncpu, magiclen; double st, et; st = getdtime(); @@ -192,7 +192,8 @@ int main(int argc, char **argv) /* Not reached */ } - strcpy(hdr.magic, cfs.handler->magic); + magiclen = strlcpy(hdr.magic, cfs.handler->magic, sizeof(hdr.magic)); + assert(magiclen < sizeof(hdr.magic)); if (cfs.en_dedup != 0) { hdr.magic[CLOOP_OFS_VERSN] = CLOOP_MAJVER_3; diff --git a/usr.sbin/pw/pw_user.c b/usr.sbin/pw/pw_user.c index 5466bec..76849ba 100644 --- a/usr.sbin/pw/pw_user.c +++ b/usr.sbin/pw/pw_user.c @@ -33,6 +33,7 @@ static const char rcsid[] = #include <sys/param.h> #include <sys/types.h> +#include <assert.h> #include <ctype.h> #include <dirent.h> #include <err.h> @@ -490,6 +491,7 @@ pw_pwcrypt(char *password) char salt[SALTSIZE + 1]; char *cryptpw; static char buf[256]; + size_t pwlen; /* * Calculate a salt value @@ -501,7 +503,9 @@ pw_pwcrypt(char *password) cryptpw = crypt(password, salt); if (cryptpw == NULL) errx(EX_CONFIG, "crypt(3) failure"); - return strcpy(buf, cryptpw); + pwlen = strlcpy(buf, cryptpw, sizeof(buf)); + assert(pwlen < sizeof(buf)); + return (buf); } static char * |