aboutsummaryrefslogtreecommitdiff
path: root/usr.sbin/cdcontrol/cdcontrol.c
diff options
context:
space:
mode:
authorJosef Karthauser <joe@FreeBSD.org>1999-12-05 20:05:45 +0000
committerJosef Karthauser <joe@FreeBSD.org>1999-12-05 20:05:45 +0000
commit3712337aef87733474bf44a788e40ddb343d84b6 (patch)
tree680a45cedee2df60517ceb96f6730726a302cd60 /usr.sbin/cdcontrol/cdcontrol.c
parent73f2a3c2c833e77c469888da6c6c464aff8b78e9 (diff)
downloadsrc-3712337aef87733474bf44a788e40ddb343d84b6.tar.gz
src-3712337aef87733474bf44a788e40ddb343d84b6.zip
Fixed a potential buffer overflow problem, in the device name handling.
PR: bin/15101
Notes
Notes: svn path=/head/; revision=54164
Diffstat (limited to 'usr.sbin/cdcontrol/cdcontrol.c')
-rw-r--r--usr.sbin/cdcontrol/cdcontrol.c16
1 files changed, 9 insertions, 7 deletions
diff --git a/usr.sbin/cdcontrol/cdcontrol.c b/usr.sbin/cdcontrol/cdcontrol.c
index 7fad22e177be..c38fdb2bc4bc 100644
--- a/usr.sbin/cdcontrol/cdcontrol.c
+++ b/usr.sbin/cdcontrol/cdcontrol.c
@@ -33,6 +33,7 @@ static const char rcsid[] =
#include <sys/file.h>
#include <sys/cdio.h>
#include <sys/ioctl.h>
+#include <sys/param.h>
#include <histedit.h>
#define VERSION "2.0"
@@ -1036,17 +1037,18 @@ char *parse (char *buf, int *cmd)
int open_cd ()
{
- char devbuf[80];
+ char devbuf[MAXPATHLEN];
if (fd > -1)
return (1);
- if (*cdname == '/')
- strcpy (devbuf, cdname);
- else if (*cdname == 'r')
- sprintf (devbuf, "/dev/%s", cdname);
- else
- sprintf (devbuf, "/dev/r%s", cdname);
+ if (*cdname == '/') {
+ snprintf (devbuf, MAXPATHLEN, "%s", cdname);
+ } else if (*cdname == 'r') {
+ snprintf (devbuf, MAXPATHLEN, "/dev/%s", cdname);
+ } else {
+ snprintf (devbuf, MAXPATHLEN, "/dev/r%s", cdname);
+ }
fd = open (devbuf, O_RDONLY);
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-30 17:40:48 +0000