✘Prevent potential buffer overruns in the mode 6 code.
Matthew Selsky
Matthew.Selsky at twosigma.com
Mon Sep 4 20:38:51 UTC 2017
On Mon, Mar 13, 2017 at 12:11:47PM -0700, Gary E. Miller wrote:
> Yo Ertic!
>
>
> cp = buffer;
> cq = tag;
> - while (*cq != '\0')
> + while (*cq != '\0' && cp < buffer + sizeof(buffer) - 1)
> *cp++ = *cq++;
>
>
> Why not just use strlcpy? NTPsec has its own copy if the OS does
> not provide it. This sort of bit-picky C code is where problems lurk.
Hey Eric,
Was there an off-list answer to this? Can we switch to strlcpy() for the cases where we're copying null-terminated strings?
Thanks,
-Matt
More information about the devel
mailing list