pty(4): Use strlcpy to guarantee destination buffer isn't overrun
The devtoname() name is strcpyed into a small stack buffer. Sure, we always expect the name to be ttyXX (or ptyXX). If that's the case, strlcpy() doesn't hurt. Reported by: Coverity CID: 1006768 Sponsored by: EMC / Isilon Storage Division
This commit is contained in:
parent
e3081f7e3e
commit
b51230b720
@ -67,7 +67,7 @@ ptydev_fdopen(struct cdev *dev, int fflags, struct thread *td, struct file *fp)
|
||||
return (EBUSY);
|
||||
|
||||
/* Generate device name and create PTY. */
|
||||
strcpy(name, devtoname(dev));
|
||||
strlcpy(name, devtoname(dev), sizeof(name));
|
||||
name[0] = 't';
|
||||
|
||||
error = pts_alloc_external(fflags & (FREAD|FWRITE), td, fp, dev, name);
|
||||
|
Loading…
x
Reference in New Issue
Block a user