diff options
| author | Josef Karthauser <joe@FreeBSD.org> | 2000-04-30 21:04:36 +0000 |
|---|---|---|
| committer | Josef Karthauser <joe@FreeBSD.org> | 2000-04-30 21:04:36 +0000 |
| commit | dee921f457ba015eee25ed075c7ddc2554c6763a (patch) | |
| tree | 16a5c57ec05fd55df74d82b5704ea224d2e00d72 /sbin/startslip/startslip.c | |
| parent | 30395bb5f1bdae1546746d112798e528e9464924 (diff) | |
| download | src-dee921f457ba015eee25ed075c7ddc2554c6763a.tar.gz src-dee921f457ba015eee25ed075c7ddc2554c6763a.zip | |
Fixes a potential buffer overflow with the pid filename.
Submitted by: Mike Heffner <spock@techfour.net>
Submitted on: audit@freebsd.org
Notes
Notes:
svn path=/head/; revision=59799
Diffstat (limited to 'sbin/startslip/startslip.c')
| -rw-r--r-- | sbin/startslip/startslip.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/sbin/startslip/startslip.c b/sbin/startslip/startslip.c index f0d5ce6180ef..f273ab3d6553 100644 --- a/sbin/startslip/startslip.c +++ b/sbin/startslip/startslip.c @@ -214,7 +214,9 @@ main(argc, argv) dvname = devicename; else dvname++; - sprintf(pidfile, PIDFILE, _PATH_VARRUN, dvname); + if (snprintf(pidfile, sizeof(pidfile), PIDFILE, _PATH_VARRUN, dvname) >= sizeof(pidfile)) + usage(); + if ((pfd = fopen(pidfile, "r")) != NULL) { if (fscanf(pfd, "%ld\n", &lpid) == 1) { pid = lpid; |