Fix buffer overflows noted by Gerardo Puga
authorandersen <andersen@69ca8d6d-28ef-0310-b511-8ec308f3f277>
Thu, 6 Jun 2002 14:36:07 +0000 (14:36 +0000)
committerandersen <andersen@69ca8d6d-28ef-0310-b511-8ec308f3f277>
Thu, 6 Jun 2002 14:36:07 +0000 (14:36 +0000)
 -Erik

git-svn-id: svn://busybox.net/trunk/busybox@4872 69ca8d6d-28ef-0310-b511-8ec308f3f277

miscutils/makedevs.c

index 4e50a6d..f559956 100644 (file)
@@ -52,9 +52,13 @@ int makedevs_main(int argc, char **argv)
 
                if (type[0] != 'f')
                        dev = (major << 8) | Sminor;
-               strcpy(devname, basedev);
+               safe_strncpy(devname, basedev, sizeof(devname));
 
                if (sbase == 0) {
+                       int len;
+                       len = strlen(devname);
+                       if (S > 10000 || len > (sizeof(devname)-6))
+                               error_msg_and_die("%s: number too large", buf);
                        sprintf(buf, "%d", S);
                        strcat(devname, buf);
                } else {