diff options
| author | joe <joe@FreeBSD.org> | 2000-04-30 21:04:36 +0000 |
|---|---|---|
| committer | joe <joe@FreeBSD.org> | 2000-04-30 21:04:36 +0000 |
| commit | 037a2d5b0f32db271e17f4fec9bd102b36a4da0b (patch) | |
| tree | 42849590f5b10615d5255a63221f85f84bf82bd3 /sbin/startslip | |
| parent | 98328065bf61d1e2406cd4eb27154dfb2743fd9b (diff) | |
| download | FreeBSD-src-037a2d5b0f32db271e17f4fec9bd102b36a4da0b.zip FreeBSD-src-037a2d5b0f32db271e17f4fec9bd102b36a4da0b.tar.gz | |
Fixes a potential buffer overflow with the pid filename.
Submitted by: Mike Heffner <spock@techfour.net>
Submitted on: audit@freebsd.org
Diffstat (limited to 'sbin/startslip')
| -rw-r--r-- | sbin/startslip/startslip.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/sbin/startslip/startslip.c b/sbin/startslip/startslip.c index f0d5ce6..f273ab3 100644 --- a/sbin/startslip/startslip.c +++ b/sbin/startslip/startslip.c @@ -214,7 +214,9 @@ main(argc, argv) dvname = devicename; else dvname++; - sprintf(pidfile, PIDFILE, _PATH_VARRUN, dvname); + if (snprintf(pidfile, sizeof(pidfile), PIDFILE, _PATH_VARRUN, dvname) >= sizeof(pidfile)) + usage(); + if ((pfd = fopen(pidfile, "r")) != NULL) { if (fscanf(pfd, "%ld\n", &lpid) == 1) { pid = lpid; |
