bcm43xx-fwcutter bug report
Michael Büsch
m at bues.ch
Wed Apr 23 07:21:49 PDT 2014
On Wed, 23 Apr 2014 12:53:02 +0000
David Binderman <dcb314 at hotmail.com> wrote:
> [fwcutter.c:497]: (error) Dangerous usage of 'shortname' (strncpy doesn't always null-terminate it).
>
> Source code is
>
> if (strlen(file->name)> 20) {
> strncpy(shortname, file->name, 18);
> snprintf(filename, sizeof(filename), "%s..", shortname);
> } else
> strcpy (filename, file->name);
Please upgrade to a non-ancient version of fwcutter.
http://bues.ch/b43/fwcutter/
Current versions do this:
> if (strlen(file->name) > 20) {
> strncpy(shortname, file->name, 20);
> shortname[20] = '\0';
> snprintf(filename, sizeof(filename), "%s..", shortname);
> } else
> strcpy (filename, file->name);
--
Michael.
----
Please use PGP/GPG encryption.
Key-ID: F532BE1D908D8B0E
--------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/b43-dev/attachments/20140423/ed094624/attachment.sig>
More information about the b43-dev
mailing list