diff options
author | obrien <obrien@FreeBSD.org> | 2008-12-18 18:44:46 +0000 |
---|---|---|
committer | obrien <obrien@FreeBSD.org> | 2008-12-18 18:44:46 +0000 |
commit | 153773c7cb44ee4f1fe3dc6d34130d58aa4afc91 (patch) | |
tree | 14e752bd7720dc56bfe9c5b5e0f2e5dacfc7c388 /sbin | |
parent | 0916e17ef6880f2047fbebd4ea9ef919bab9757e (diff) | |
download | FreeBSD-src-153773c7cb44ee4f1fe3dc6d34130d58aa4afc91.zip FreeBSD-src-153773c7cb44ee4f1fe3dc6d34130d58aa4afc91.tar.gz |
Be a little bit more pestimistic in argument handling - check if we've
overflown our internal buffer (though after the fact), and s/strncpy/strlcpy/
Reviewed by: rodrigc
Obtained from: Juniper Networks
Diffstat (limited to 'sbin')
-rw-r--r-- | sbin/mount/mount.c | 8 | ||||
-rw-r--r-- | sbin/mount/mount_fs.c | 2 |
2 files changed, 8 insertions, 2 deletions
diff --git a/sbin/mount/mount.c b/sbin/mount/mount.c index c42e9db..38a1c8a 100644 --- a/sbin/mount/mount.c +++ b/sbin/mount/mount.c @@ -68,6 +68,8 @@ static const char rcsid[] = #define MOUNT_META_OPTION_FSTAB "fstab" #define MOUNT_META_OPTION_CURRENT "current" +#define MAX_ARGS 100 + int debug, fstab_style, verbose; char *catopt(char *, const char *); @@ -501,7 +503,7 @@ int mountfs(const char *vfstype, const char *spec, const char *name, int flags, const char *options, const char *mntopts) { - char *argv[100]; + char *argv[MAX_ARGS]; struct statfs sf; int argc, i, ret; char *optbuf, execname[PATH_MAX], mntpath[PATH_MAX]; @@ -546,6 +548,10 @@ mountfs(const char *vfstype, const char *spec, const char *name, int flags, argv[argc++] = strdup(name); argv[argc] = NULL; + if (MAX_ARGS <= argc ) + errx(1, "Cannot process more than %d mount arguments", + MAX_ARGS); + if (debug) { if (use_mountprog(vfstype)) printf("exec: mount_%s", vfstype); diff --git a/sbin/mount/mount_fs.c b/sbin/mount/mount_fs.c index 6ab15a3..94b679b 100644 --- a/sbin/mount/mount_fs.c +++ b/sbin/mount/mount_fs.c @@ -88,7 +88,7 @@ mount_fs(const char *vfstype, int argc, char *argv[]) char *p, *val; int ret; - strncpy(fstype, vfstype, sizeof(fstype)); + strlcpy(fstype, vfstype, sizeof(fstype)); memset(errmsg, 0, sizeof(errmsg)); getmnt_silent = 1; |