Searched hist:bc425cd9 (Results 1 – 1 of 1) sorted by relevance
| /dragonfly/usr.sbin/fstyp/ |
| H A D | msdosfs.c | bc425cd9 Wed Nov 03 13:35:00 GMT 2021 Tomohiro Kusumi <tkusumi@netbsd.org> usr.sbin/fstyp: Fix intra-object buffer overread for labeled msdosfs volumes
Volume labels, like directory entries, are padded with spaces and so
have no NUL terminator. Whilst the MIN for the dsize argument to strlcpy
ensures that the copy does not overflow the destination, strlcpy is
defined to return the number of characters in the source string,
regardless of the provided dsize, and so keeps reading until it finds a
NUL, which likely exists somewhere within the following fields, but On
CHERI with the subobject bounds enabled in the compiler this buffer
overread will be detected and trap with a bounds violation.
taken from FreeBSD
34fb1c133c5b8616f14f1d740d99747b427f5571
63d24336fd1aad81a4bdefb11d8c487cee5f88a0
|