d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
24d17f1e24
freebsd-dev/bin
History
Don Lewis 63a4675d89 Hopefully fix Coverity CID 1008328 (Out-of-bounds write) in /bin/sh. 
Replace the magic constant 127 in the loop interation count with
"PROMPTLEN - 1".

gethostname() is not guaranteed to NUL terminate the destination
string if it is too short. Decrease the length passed to gethostname()
by one, and add a NUL at the end of the buffer to make sure the
following loop to find the end of the name properly terminates.

The default: case is the likely cause of Coverity CID 1008328.  If
i is 126 at the top of the loop interation where the default case
is triggered, i will be incremented to 127 by the default case,
then incremented to 128 at the top of the loop before being compared
to 127 (PROMPTLENT - 1) and terminating the loop. Then the NUL
termination code after the loop will write to ps[128].  Fix by
checking for overflow before incrementing the index and storing the
second character in the buffer.

These fixes are not guaranteed to satisfy Coverity. The code that
increments i in the 'h'/'H' and 'w'/'W' cases may be beyond its
capability to analyze, but the code appears to be safe.

Reported by:	Coverity
CID:		1008328
Reviewed by:	jilles, cem
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D6482
2016-05-23 01:01:23 +00:00
..
cat Merge ^/user/ngie/release-pkg-fix-tests to unbreak how test files are installed 2016-05-04 23:20:53 +00:00
chflags
chio
chmod
cp
csh DIRDEPS_BUILD: Run the staged bootstrap-tools version of build-tools. 2016-05-09 22:21:09 +00:00
date Merge ^/user/ngie/release-pkg-fix-tests to unbreak how test files are installed 2016-05-04 23:20:53 +00:00
dd Merge ^/user/ngie/release-pkg-fix-tests to unbreak how test files are installed 2016-05-04 23:20:53 +00:00
df
domainname
echo
ed ed(1): simplify by using arc4random_buf(). 2016-05-21 00:45:42 +00:00
expr Merge ^/user/ngie/release-pkg-fix-tests to unbreak how test files are installed 2016-05-04 23:20:53 +00:00
freebsd-version
getfacl
hostname
kenv
kill
ln
ls Merge ^/user/ngie/release-pkg-fix-tests to unbreak how test files are installed 2016-05-04 23:20:53 +00:00
mkdir
mv Merge ^/user/ngie/release-pkg-fix-tests to unbreak how test files are installed 2016-05-04 23:20:53 +00:00
pax Rename getline with get_line to avoid collision with getline(3) 2016-05-10 11:11:23 +00:00
pkill Merge ^/user/ngie/release-pkg-fix-tests to unbreak how test files are installed 2016-05-04 23:20:53 +00:00
ps
pwait
pwd
rcp
realpath
rm
rmail
rmdir
setfacl
sh Hopefully fix Coverity CID 1008328 (Out-of-bounds write) in /bin/sh. 2016-05-23 01:01:23 +00:00
sleep Merge ^/user/ngie/release-pkg-fix-tests to unbreak how test files are installed 2016-05-04 23:20:53 +00:00
stty
sync
test Merge ^/user/ngie/release-pkg-fix-tests to unbreak how test files are installed 2016-05-04 23:20:53 +00:00
tests Merge ^/user/ngie/release-pkg-fix-tests to unbreak how test files are installed 2016-05-04 23:20:53 +00:00
uuidgen
Makefile
Makefile.inc