[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [bug-inetutils] [PATCH] syslogd: Fix possible memory corruption whil
From: |
Ludovic Courtès |
Subject: |
Re: [bug-inetutils] [PATCH] syslogd: Fix possible memory corruption while reading configuration file. |
Date: |
Thu, 02 Apr 2015 10:13:47 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/24.4 (gnu/linux) |
address@hidden (Alfred M. Szmidt) skribis:
> diff --git a/src/syslogd.c b/src/syslogd.c
> index c1280e9..dd99dda 100644
> --- a/src/syslogd.c
> +++ b/src/syslogd.c
> @@ -1989,7 +1989,7 @@ load_conffile (const char *filename, struct filed
> **nextp)
> if (*p == '\0' || *p == '#')
> continue;
>
> - strcpy (cline, p);
> + bcopy (p, cline, strlen (p) + 1);
>
> Thanks! I'll read the bug report tomorrow -- I think there is more
> than catches the eye. Leading whitespace before the selector is not
> valid syntax for syslog.conf AFAIR.
It’s valid syntax in practice, and that’s one would expect, I think.
> Also, bcopy was marked deprecated in POSIX 2001, and removed in 2008;
> memcpy is always prefered.
Oh right, ‘memmove’ then.
> And in this case, strncpy would be more apt.
No because the regions overlap.
Thanks!
Ludo’.