diff options
| author | Christian Weisgerber <naddy@cvs.openbsd.org> | 2020-10-19 19:06:50 +0000 |
|---|---|---|
| committer | Christian Weisgerber <naddy@cvs.openbsd.org> | 2020-10-19 19:06:50 +0000 |
| commit | 5454133fac5af90d436ece81c7fd015ab3c2d867 (patch) | |
| tree | 45ca173773f7b0e2e38d207bf87b07a5e09d46ed | |
| parent | 782003efa79a69419b8068e19780dfba05e01016 (diff) | |
Accommodate POSIX basename(3) that takes a non-const parameter and
may in fact modify the string buffer.
truncation check requested and ok florian@
| -rw-r--r-- | usr.sbin/vmd/vioqcow2.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/usr.sbin/vmd/vioqcow2.c b/usr.sbin/vmd/vioqcow2.c index 678ed4f8eef..34d0f116cc4 100644 --- a/usr.sbin/vmd/vioqcow2.c +++ b/usr.sbin/vmd/vioqcow2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: vioqcow2.c,v 1.13 2019/01/10 19:21:02 deraadt Exp $ */ +/* $OpenBSD: vioqcow2.c,v 1.14 2020/10/19 19:06:49 naddy Exp $ */ /* * Copyright (c) 2018 Ori Bernstein <ori@eigenstate.org> @@ -145,6 +145,7 @@ virtio_qcow2_init(struct virtio_backing *file, off_t *szp, int *fd, size_t nfd) ssize_t virtio_qcow2_get_base(int fd, char *path, size_t npath, const char *dpath) { + char dpathbuf[PATH_MAX]; char expanded[PATH_MAX]; struct qcheader header; uint64_t backingoff; @@ -186,7 +187,12 @@ virtio_qcow2_get_base(int fd, char *path, size_t npath, const char *dpath) return -1; } } else { - s = dirname(dpath); + if (strlcpy(dpathbuf, dpath, sizeof(dpathbuf)) >= + sizeof(dpathbuf)) { + log_warnx("path too long: %s", dpath); + return -1; + } + s = dirname(dpathbuf); if (snprintf(expanded, sizeof(expanded), "%s/%s", s, path) >= (int)sizeof(expanded)) { log_warnx("path too long: %s/%s", s, path); |