diff options
author | mav <mav@FreeBSD.org> | 2014-11-02 17:31:10 +0000 |
---|---|---|
committer | mav <mav@FreeBSD.org> | 2014-11-02 17:31:10 +0000 |
commit | 9e735a2fb274650ab0429e5e3af33e1598487f5a (patch) | |
tree | eb37033ecd59217a51dd4781af3bb4ae4041fdea /sys/cam | |
parent | c9979422b8439b7bb026044fabac719ee44dc589 (diff) | |
download | FreeBSD-src-9e735a2fb274650ab0429e5e3af33e1598487f5a.zip FreeBSD-src-9e735a2fb274650ab0429e5e3af33e1598487f5a.tar.gz |
MFC r273693: Fix printing non-terminated strings in devlist XML.
Diffstat (limited to 'sys/cam')
-rw-r--r-- | sys/cam/ctl/ctl.c | 12 | ||||
-rw-r--r-- | sys/cam/ctl/ctl.h | 2 |
2 files changed, 9 insertions, 5 deletions
diff --git a/sys/cam/ctl/ctl.c b/sys/cam/ctl/ctl.c index 1d557fd..3e323bc 100644 --- a/sys/cam/ctl/ctl.c +++ b/sys/cam/ctl/ctl.c @@ -2202,13 +2202,14 @@ ctl_copyout_args(int num_args, struct ctl_be_arg *args) * Escape characters that are illegal or not recommended in XML. */ int -ctl_sbuf_printf_esc(struct sbuf *sb, char *str) +ctl_sbuf_printf_esc(struct sbuf *sb, char *str, int size) { + char *end = str + size; int retval; retval = 0; - for (; *str; str++) { + for (; *str && str < end; str++) { switch (*str) { case '&': retval = sbuf_printf(sb, "&"); @@ -3200,7 +3201,8 @@ ctl_ioctl(struct cdev *dev, u_long cmd, caddr_t addr, int flag, break; retval = ctl_sbuf_printf_esc(sb, - lun->be_lun->serial_num); + lun->be_lun->serial_num, + sizeof(lun->be_lun->serial_num)); if (retval != 0) break; @@ -3215,7 +3217,9 @@ ctl_ioctl(struct cdev *dev, u_long cmd, caddr_t addr, int flag, if (retval != 0) break; - retval = ctl_sbuf_printf_esc(sb,lun->be_lun->device_id); + retval = ctl_sbuf_printf_esc(sb, + lun->be_lun->device_id, + sizeof(lun->be_lun->device_id)); if (retval != 0) break; diff --git a/sys/cam/ctl/ctl.h b/sys/cam/ctl/ctl.h index 9c7b04b..a9de265 100644 --- a/sys/cam/ctl/ctl.h +++ b/sys/cam/ctl/ctl.h @@ -156,7 +156,7 @@ int ctl_port_list(struct ctl_port_entry *entries, int num_entries_alloced, * Put a string into an sbuf, escaping characters that are illegal or not * recommended in XML. Note this doesn't escape everything, just > < and &. */ -int ctl_sbuf_printf_esc(struct sbuf *sb, char *str); +int ctl_sbuf_printf_esc(struct sbuf *sb, char *str, int size); int ctl_ffz(uint32_t *mask, uint32_t size); int ctl_set_mask(uint32_t *mask, uint32_t bit); |