diff options
| author | Don Lewis <truckman@FreeBSD.org> | 2016-06-08 05:32:39 +0000 |
|---|---|---|
| committer | Don Lewis <truckman@FreeBSD.org> | 2016-06-08 05:32:39 +0000 |
| commit | 4af86fb4f9a04f31e557deab6436606d3ffc6f55 (patch) | |
| tree | 5c16c6877f06b04bd67c6598ec8a8f63c02c42c9 /bin/setfacl | |
| parent | 3fc292d56bb3eec13186f6e3ae06d7ce382e1ef8 (diff) | |
| download | src-4af86fb4f9a04f31e557deab6436606d3ffc6f55.tar.gz src-4af86fb4f9a04f31e557deab6436606d3ffc6f55.zip | |
Explicitly NUL terminate the buffer filled by fread().
The fix in r300649 was not sufficient to convince Coverity that the
buffer was NUL terminated, even with the buffer pre-zeroed. Swap
the size and nmemb arguments to fread() so that a valid lenght is
returned, which we can use to terminate the string in the buffer
at the correct location. This should also quiet the complaint about
the return value of fread() not being checked.
Reported by: Coverity
CID: 1019054, 1009614
MFC after: 1 week
Notes
Notes:
svn path=/head/; revision=301582
Diffstat (limited to 'bin/setfacl')
| -rw-r--r-- | bin/setfacl/file.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/bin/setfacl/file.c b/bin/setfacl/file.c index e5e19a24773a..7499f1cecf00 100644 --- a/bin/setfacl/file.c +++ b/bin/setfacl/file.c @@ -43,13 +43,12 @@ acl_t get_acl_from_file(const char *filename) { FILE *file; + size_t len; char buf[BUFSIZ+1]; if (filename == NULL) err(1, "(null) filename in get_acl_from_file()"); - bzero(&buf, sizeof(buf)); - if (strcmp(filename, "-") == 0) { if (have_stdin != 0) err(1, "cannot specify more than one stdin"); @@ -61,7 +60,8 @@ get_acl_from_file(const char *filename) err(1, "fopen() %s failed", filename); } - fread(buf, sizeof(buf) - 1, (size_t)1, file); + len = fread(buf, (size_t)1, sizeof(buf) - 1, file); + buf[len] = '\0'; if (ferror(file) != 0) { fclose(file); err(1, "error reading from %s", filename); |