author | joe <joe@FreeBSD.org> | 1999-12-05 20:05:45 +0000 |
---|---|---|
committer | joe <joe@FreeBSD.org> | 1999-12-05 20:05:45 +0000 |
commit | 3955613d85a90688ef42ca8405fa4ea6d09fb5d4 (patch) | |
tree | 87789b1ada3c43b9964657fa52d53aa7b423c0e6 /usr.sbin | |
parent | 59ba729c30037661a58da4f4dc7092d339395a31 (diff) | |
Fixed a potential buffer overflow problem, in the device name handling.
PR: bin/15101
Diffstat (limited to 'usr.sbin')
-rw-r--r-- | usr.sbin/cdcontrol/cdcontrol.c | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/usr.sbin/cdcontrol/cdcontrol.c b/usr.sbin/cdcontrol/cdcontrol.c
index 7fad22e..c38fdb2 100644
--- a/usr.sbin/cdcontrol/cdcontrol.c
+++ b/usr.sbin/cdcontrol/cdcontrol.c
@@ -33,6 +33,7 @@ static const char rcsid[] =
 #include <sys/file.h>
 #include <sys/cdio.h>
 #include <sys/ioctl.h>
+#include <sys/param.h>
 #include <histedit.h>

 #define VERSION "2.0"
@@ -1036,17 +1037,18 @@ char *parse (char *buf, int *cmd)

 int open_cd ()
 {
- char devbuf[80];
+ char devbuf[MAXPATHLEN];

 if (fd > -1)
 return (1);

- if (*cdname == '/')
- strcpy (devbuf, cdname);
- else if (*cdname == 'r')
- sprintf (devbuf, "/dev/%s", cdname);
- else
- sprintf (devbuf, "/dev/r%s", cdname);
+ if (*cdname == '/') {
+ snprintf (devbuf, MAXPATHLEN, "%s", cdname);
+ } else if (*cdname == 'r') {
+ snprintf (devbuf, MAXPATHLEN, "/dev/%s", cdname);
+ } else {
+ snprintf (devbuf, MAXPATHLEN, "/dev/r%s", cdname);
+ }

 fd = open (devbuf, O_RDONLY); |
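Review bot: The three `snprintf` calls in open_cd() bound the write but discard the return value, so a `cdname` that does not fit in `devbuf` is silently truncated and the following `open` acts on a different path than the one requested. Capture the result and fail instead of opening, e.g. `n = snprintf (devbuf, sizeof(devbuf), "/dev/r%s", cdname);` followed by `if (n < 0 || (size_t)n >= sizeof(devbuf)) return (-1);`, with the failure value and message matched to what open_cd() already does when `open` fails, which is outside this hunk. Writing the bound as `sizeof(devbuf)` rather than repeating `MAXPATHLEN` keeps it tied to the declaration if the buffer size changes again. Where `cdname` is set is not visible here, so how long it can be in practice should be confirmed against its assignment.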