This is the mail archive of the
cygwin-patches
mailing list for the Cygwin project.
[PATCH] cygwin: fix potential buffer overflow in fork
- From: Michael Haubenwallner <michael dot haubenwallner at ssi-schaefer dot com>
- To: cygwin-patches at cygwin dot com
- Cc: Michael Haubenwallner <michael dot haubenwallner at ssi-schaefer dot com>
- Date: Mon, 9 Oct 2017 18:58:24 +0200
- Subject: [PATCH] cygwin: fix potential buffer overflow in fork
- Authentication-results: sourceware.org; auth=none
When fork fails, we can use "%s" now with system_sprintf for the errmsg
rather than a (potentially too small) buffer for the format string.
* fork.cc (fork): Use "%s" with system_printf now.
---
winsup/cygwin/fork.cc | 9 ++-------
1 file changed, 2 insertions(+), 7 deletions(-)
diff --git a/winsup/cygwin/fork.cc b/winsup/cygwin/fork.cc
index 73a72f530..bcbef12d8 100644
--- a/winsup/cygwin/fork.cc
+++ b/winsup/cygwin/fork.cc
@@ -618,13 +618,8 @@ fork ()
if (!grouped.errmsg)
syscall_printf ("fork failed - child pid %d, errno %d", grouped.child_pid, grouped.this_errno);
else
- {
- char buf[strlen (grouped.errmsg) + sizeof ("child %d - , errno 4294967295 ")];
- strcpy (buf, "child %d - ");
- strcat (buf, grouped.errmsg);
- strcat (buf, ", errno %d");
- system_printf (buf, grouped.child_pid, grouped.this_errno);
- }
+ system_printf ("child %d - %s, errno %d", grouped.child_pid,
+ grouped.errmsg, grouped.this_errno);
set_errno (grouped.this_errno);
}
--
2.14.2