[DragonFlyBSD - Bug #3002] (Closed) usr.sbin/mfiutil/mfi_foreign.c:189: buffer too small ?

bugtracker-admin at leaf.dragonflybsd.org bugtracker-admin at leaf.dragonflybsd.org
Mon Apr 10 21:43:21 PDT 2017


Issue #3002 has been updated by dillon.

Status changed from New to Closed

Fix committed by Matt

----------------------------------------
Bug #3002: usr.sbin/mfiutil/mfi_foreign.c:189: buffer too small ?
http://bugs.dragonflybsd.org/issues/3002#change-13118

* Author: dcb
* Status: Closed
* Priority: Normal
* Assignee: 
* Category: 
* Target version: 
----------------------------------------
usr.sbin/mfiutil/mfi_foreign.c:189]: (error) Buffer is accessed out of bounds: prefix

Source code is

       sprintf(prefix, "Foreign configuration preview %d", cfgidx);

but

    char prefix[26];

I count at least 32 chars written by sprintf into prefix.
Suggest increase size of prefix.

I don't know which compiler this code is compiled by, but I
do know that recent version of gcc have a preprocessor
macro called _FORTIFY_SOURCE=2 which should detect this
kind of problem.




-- 
You have received this notification because you have either subscribed to it, or are involved in it.
To change your notification preferences, please click here: http://bugs.dragonflybsd.org/my/account


More information about the Bugs mailing list