diff options
author | Josef Karthauser <joe@FreeBSD.org> | 1999-12-05 20:05:45 +0000 |
---|---|---|
committer | Josef Karthauser <joe@FreeBSD.org> | 1999-12-05 20:05:45 +0000 |
commit | 3712337aef87733474bf44a788e40ddb343d84b6 (patch) | |
tree | 680a45cedee2df60517ceb96f6730726a302cd60 /usr.sbin/cdcontrol/cdcontrol.c | |
parent | 73f2a3c2c833e77c469888da6c6c464aff8b78e9 (diff) | |
download | src-3712337aef87733474bf44a788e40ddb343d84b6.tar.gz src-3712337aef87733474bf44a788e40ddb343d84b6.zip |
Fixed a potential buffer overflow problem, in the device name handling.
PR: bin/15101
Notes
Notes:
svn path=/head/; revision=54164
Diffstat (limited to 'usr.sbin/cdcontrol/cdcontrol.c')
-rw-r--r-- | usr.sbin/cdcontrol/cdcontrol.c | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/usr.sbin/cdcontrol/cdcontrol.c b/usr.sbin/cdcontrol/cdcontrol.c index 7fad22e177be..c38fdb2bc4bc 100644 --- a/usr.sbin/cdcontrol/cdcontrol.c +++ b/usr.sbin/cdcontrol/cdcontrol.c @@ -33,6 +33,7 @@ static const char rcsid[] = #include <sys/file.h> #include <sys/cdio.h> #include <sys/ioctl.h> +#include <sys/param.h> #include <histedit.h> #define VERSION "2.0" @@ -1036,17 +1037,18 @@ char *parse (char *buf, int *cmd) int open_cd () { - char devbuf[80]; + char devbuf[MAXPATHLEN]; if (fd > -1) return (1); - if (*cdname == '/') - strcpy (devbuf, cdname); - else if (*cdname == 'r') - sprintf (devbuf, "/dev/%s", cdname); - else - sprintf (devbuf, "/dev/r%s", cdname); + if (*cdname == '/') { + snprintf (devbuf, MAXPATHLEN, "%s", cdname); + } else if (*cdname == 'r') { + snprintf (devbuf, MAXPATHLEN, "/dev/%s", cdname); + } else { + snprintf (devbuf, MAXPATHLEN, "/dev/r%s", cdname); + } fd = open (devbuf, O_RDONLY); |