diff options
author | Conrad Meyer <cem@FreeBSD.org> | 2017-04-13 17:11:49 +0000 |
---|---|---|
committer | Conrad Meyer <cem@FreeBSD.org> | 2017-04-13 17:11:49 +0000 |
commit | c789e03fb562fde292c6b0c07c80380bee3254ca (patch) | |
tree | 1ab9035d81455fc1fb2e684280467024c04578f5 /sys/boot/common | |
parent | 842891490959f8096beb7ee24ff0b17d2b8dc719 (diff) | |
download | src-c789e03fb562fde292c6b0c07c80380bee3254ca.tar.gz src-c789e03fb562fde292c6b0c07c80380bee3254ca.zip |
loader: Avoid possible overflow via environment variable
Reported by: Coverity (CWE-120)
CID: 1006704
Sponsored by: Dell EMC Isilon
Notes
Notes:
svn path=/head/; revision=316771
Diffstat (limited to 'sys/boot/common')
-rw-r--r-- | sys/boot/common/commands.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/sys/boot/common/commands.c b/sys/boot/common/commands.c index 2b0e8cbe0aca..def7ff284649 100644 --- a/sys/boot/common/commands.c +++ b/sys/boot/common/commands.c @@ -132,7 +132,7 @@ command_help(int argc, char *argv[]) char *topic, *subtopic, *t, *s, *d; /* page the help text from our load path */ - sprintf(buf, "%s/boot/loader.help", getenv("loaddev")); + snprintf(buf, sizeof(buf), "%s/boot/loader.help", getenv("loaddev")); if ((hfd = open(buf, O_RDONLY)) < 0) { printf("Verbose help not available, use '?' to list commands\n"); return(CMD_OK); |