diff options
| author | imp <imp@FreeBSD.org> | 1998-06-09 04:31:02 +0000 |
|---|---|---|
| committer | imp <imp@FreeBSD.org> | 1998-06-09 04:31:02 +0000 |
| commit | 8c96be00ef748f03f9e7f9f5934e7b0d53d1c872 (patch) | |
| tree | 4cac82b29697cfe595adc937f0a97621ae134760 /usr.bin/tftp | |
| parent | 9a6732bd4e65d3bdaeb59e6b7cd0331484e1c331 (diff) | |
| download | FreeBSD-src-8c96be00ef748f03f9e7f9f5934e7b0d53d1c872.zip FreeBSD-src-8c96be00ef748f03f9e7f9f5934e7b0d53d1c872.tar.gz | |
Don't assume that hp->h_lenght == 4. Be conservative in its use.
Submitted by: J. Assange a long time ago.
Diffstat (limited to 'usr.bin/tftp')
| -rw-r--r-- | usr.bin/tftp/main.c | 22 |
1 files changed, 14 insertions, 8 deletions
diff --git a/usr.bin/tftp/main.c b/usr.bin/tftp/main.c index 5c9376d..d767463 100644 --- a/usr.bin/tftp/main.c +++ b/usr.bin/tftp/main.c @@ -42,7 +42,7 @@ static const char copyright[] = static char sccsid[] = "@(#)main.c 8.1 (Berkeley) 6/6/93"; #endif static const char rcsid[] = - "$Id$"; + "$Id: main.c,v 1.5 1997/08/14 06:47:39 charnier Exp $"; #endif /* not lint */ /* Many bug fixes are from Jim Guyton <guyton@rand-unix> */ @@ -54,6 +54,7 @@ static const char rcsid[] = #include <sys/types.h> #include <sys/socket.h> #include <sys/file.h> +#include <sys/param.h> #include <netinet/in.h> @@ -204,8 +205,9 @@ setpeer(argc, argv) host = gethostbyname(argv[1]); if (host) { peeraddr.sin_family = host->h_addrtype; - bcopy(host->h_addr, &peeraddr.sin_addr, host->h_length); - strcpy(hostname, host->h_name); + bcopy(host->h_addr, &peeraddr.sin_addr, + MIN(sizeof(peeraddr.sin_addr), host->h_length)); + strncpy(hostname, host->h_name, sizeof(hostname)); } else { peeraddr.sin_family = AF_INET; peeraddr.sin_addr.s_addr = inet_addr(argv[1]); @@ -214,8 +216,9 @@ setpeer(argc, argv) printf("%s: unknown host\n", argv[1]); return; } - strcpy(hostname, argv[1]); + strncpy(hostname, argv[1], sizeof(hostname)); } + hostname[sizeof(hostname) - 1] = '\0'; port = sp->s_port; if (argc == 3) { port = atoi(argv[2]); @@ -348,10 +351,12 @@ put(argc, argv) herror((char *)NULL); return; } - bcopy(hp->h_addr, (caddr_t)&peeraddr.sin_addr, hp->h_length); + bcopy(hp->h_addr, (caddr_t)&peeraddr.sin_addr, + MIN(sizeof(peeraddr.sin_addr), hp->h_length)); peeraddr.sin_family = hp->h_addrtype; connected = 1; - strcpy(hostname, hp->h_name); + strncpy(hostname, hp->h_name, sizeof(hostname)); + hostname[sizeof(hostname) - 1] = '\0'; } if (!connected) { printf("No target machine specified.\n"); @@ -445,10 +450,11 @@ get(argc, argv) continue; } bcopy(hp->h_addr, (caddr_t)&peeraddr.sin_addr, - hp->h_length); + MIN(sizeof(peeraddr.sin_addr), hp->h_length)); peeraddr.sin_family = hp->h_addrtype; connected = 1; - strcpy(hostname, hp->h_name); + strncpy(hostname, hp->h_name, sizeof(hostname)); + hostname[sizeof(hostname) - 1] = '\0'; } if (argc < 4) { cp = argc == 3 ? argv[2] : tail(src); |
