d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

PR: bin/9031

Browse Source 
Changed unbounded strcpy() to snprintf() to fix buffer overrun exploit
This commit is contained in:
Matthew Dillon 1998-12-12 20:56:53 +00:00
parent 25b30a3ebb
commit 3a3c0cf418
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=41699
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
libexec/bootpd/bootpd.c
View File

@ -19,7 +19,7 @@ PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
SOFTWARE.
$Id: bootpd.c,v 1.7 1997/05/11 14:27:03 phk Exp $
$Id: bootpd.c,v 1.8 1998/06/03 20:01:28 joerg Exp $
************************************************************************/
@ -833,7 +833,7 @@ HW addr type is IEEE 802. convert to %s and check again\n",
* daemon chroot directory (i.e. /tftpboot).
*/
if (hp->flags.tftpdir) {
strcpy(realpath, hp->tftpdir->string);
snprintf(realpath, sizeof(realpath), "%s", hp->tftpdir->string);
clntpath = &realpath[strlen(realpath)];
} else {
realpath[0] = '\0';