kopia lustrzana https://github.com/Hamlib/Hamlib
Assure NULL terminated strings in rpc files.
Various strncpy operations could result in a port pathname that is not a NULL terminated string as the allowed string length is the same size as the buffer per the strncpy manual page. This is corrected by assuring that the allowed length is FILPATHLEN - 1.Hamlib-1.2.15
rodzic
b31cc6ecd9
commit
c941966b4a
|
@ -287,7 +287,7 @@ main (int argc, char *argv[])
|
|||
}
|
||||
|
||||
if (rig_file)
|
||||
strncpy(the_rpc_rig->state.rigport.pathname, rig_file, FILPATHLEN);
|
||||
strncpy(the_rpc_rig->state.rigport.pathname, rig_file, FILPATHLEN - 1);
|
||||
|
||||
/*
|
||||
* ex: RIG_PTT_PARALLEL and /dev/parport0
|
||||
|
@ -297,9 +297,9 @@ main (int argc, char *argv[])
|
|||
if (dcd_type != RIG_DCD_NONE)
|
||||
the_rpc_rig->state.dcdport.type.dcd = dcd_type;
|
||||
if (ptt_file)
|
||||
strncpy(the_rpc_rig->state.pttport.pathname, ptt_file, FILPATHLEN);
|
||||
strncpy(the_rpc_rig->state.pttport.pathname, ptt_file, FILPATHLEN - 1);
|
||||
if (dcd_file)
|
||||
strncpy(the_rpc_rig->state.dcdport.pathname, dcd_file, FILPATHLEN);
|
||||
strncpy(the_rpc_rig->state.dcdport.pathname, dcd_file, FILPATHLEN - 1);
|
||||
/* FIXME: bound checking and port type == serial */
|
||||
if (serial_rate != 0)
|
||||
the_rpc_rig->state.rigport.parm.serial.rate = serial_rate;
|
||||
|
|
|
@ -216,7 +216,7 @@ main (int argc, char *argv[])
|
|||
}
|
||||
|
||||
if (rot_file)
|
||||
strncpy(the_rpc_rot->state.rotport.pathname, rot_file, FILPATHLEN);
|
||||
strncpy(the_rpc_rot->state.rotport.pathname, rot_file, FILPATHLEN - 1);
|
||||
/* FIXME: bound checking and port type == serial */
|
||||
if (serial_rate != 0)
|
||||
the_rpc_rot->state.rotport.parm.serial.rate = serial_rate;
|
||||
|
|
Ładowanie…
Reference in New Issue