diff options
author | truckman <truckman@FreeBSD.org> | 2016-05-26 01:45:04 +0000 |
---|---|---|
committer | truckman <truckman@FreeBSD.org> | 2016-05-26 01:45:04 +0000 |
commit | 48b6d2c8b7c6aa6df4bf6cc5c1f107869764b5f3 (patch) | |
tree | aeebb23ad0b96551a1661b1fe5877ec09f1a5ec8 /usr.sbin/tzsetup | |
parent | 258d969a37a15bb8c9793035ccdb7fae5e5699fb (diff) | |
download | FreeBSD-src-48b6d2c8b7c6aa6df4bf6cc5c1f107869764b5f3.zip FreeBSD-src-48b6d2c8b7c6aa6df4bf6cc5c1f107869764b5f3.tar.gz |
Avoid buffer overflow or truncation when constructing path_zoneinfo_file.
Reported by: Coverity
CID: 1011160
MFC after: 1 week
Diffstat (limited to 'usr.sbin/tzsetup')
-rw-r--r-- | usr.sbin/tzsetup/tzsetup.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/usr.sbin/tzsetup/tzsetup.c b/usr.sbin/tzsetup/tzsetup.c index e571d1f..ce9e148 100644 --- a/usr.sbin/tzsetup/tzsetup.c +++ b/usr.sbin/tzsetup/tzsetup.c @@ -838,7 +838,9 @@ install_zoneinfo(const char *zoneinfo) FILE *f; char path_zoneinfo_file[MAXPATHLEN]; - sprintf(path_zoneinfo_file, "%s/%s", path_zoneinfo, zoneinfo); + if ((size_t)snprintf(path_zoneinfo_file, sizeof(path_zoneinfo_file), + "%s/%s", path_zoneinfo, zoneinfo) >= sizeof(path_zoneinfo_file)) + errx(1, "%s/%s name too long", path_zoneinfo, zoneinfo); rv = install_zoneinfo_file(path_zoneinfo_file); /* Save knowledge for later */ |