From 153773c7cb44ee4f1fe3dc6d34130d58aa4afc91 Mon Sep 17 00:00:00 2001 From: obrien Date: Thu, 18 Dec 2008 18:44:46 +0000 Subject: Be a little bit more pestimistic in argument handling - check if we've overflown our internal buffer (though after the fact), and s/strncpy/strlcpy/ Reviewed by: rodrigc Obtained from: Juniper Networks --- sbin/mount/mount.c | 8 +++++++- sbin/mount/mount_fs.c | 2 +- 2 files changed, 8 insertions(+), 2 deletions(-) (limited to 'sbin/mount') diff --git a/sbin/mount/mount.c b/sbin/mount/mount.c index c42e9db..38a1c8a 100644 --- a/sbin/mount/mount.c +++ b/sbin/mount/mount.c @@ -68,6 +68,8 @@ static const char rcsid[] = #define MOUNT_META_OPTION_FSTAB "fstab" #define MOUNT_META_OPTION_CURRENT "current" +#define MAX_ARGS 100 + int debug, fstab_style, verbose; char *catopt(char *, const char *); @@ -501,7 +503,7 @@ int mountfs(const char *vfstype, const char *spec, const char *name, int flags, const char *options, const char *mntopts) { - char *argv[100]; + char *argv[MAX_ARGS]; struct statfs sf; int argc, i, ret; char *optbuf, execname[PATH_MAX], mntpath[PATH_MAX]; @@ -546,6 +548,10 @@ mountfs(const char *vfstype, const char *spec, const char *name, int flags, argv[argc++] = strdup(name); argv[argc] = NULL; + if (MAX_ARGS <= argc ) + errx(1, "Cannot process more than %d mount arguments", + MAX_ARGS); + if (debug) { if (use_mountprog(vfstype)) printf("exec: mount_%s", vfstype); diff --git a/sbin/mount/mount_fs.c b/sbin/mount/mount_fs.c index 6ab15a3..94b679b 100644 --- a/sbin/mount/mount_fs.c +++ b/sbin/mount/mount_fs.c @@ -88,7 +88,7 @@ mount_fs(const char *vfstype, int argc, char *argv[]) char *p, *val; int ret; - strncpy(fstype, vfstype, sizeof(fstype)); + strlcpy(fstype, vfstype, sizeof(fstype)); memset(errmsg, 0, sizeof(errmsg)); getmnt_silent = 1; -- cgit v1.1