Discussion:
[Proftpd-devel] [PATCH] contrib/mod_sftp_pam.c: fix size argument for memset
(too old to reply)
Sergei Trofimovich
2013-09-12 20:02:47 UTC
Permalink
Pass something string size related insteal of 'sizeof(void*)'
(which might overflow).
mod_sftp_pam.c:327:36: warning: argument to ‘sizeof’ in ‘memset’
call is the same expression as the destination; did you mean to
provide an explicit length? [-Wsizeof-pointer-memaccess]
Signed-off-by: Sergei Trofimovich <***@gentoo.org>
---
contrib/mod_sftp_pam.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/contrib/mod_sftp_pam.c b/contrib/mod_sftp_pam.c
index 0a9de72..ba8f1c5 100644
--- a/contrib/mod_sftp_pam.c
+++ b/contrib/mod_sftp_pam.c
@@ -324,7 +324,7 @@ static int sftppam_driver_open(sftp_kbdint_driver_t *driver, const char *user) {
exit(1);
}

- memset(sftppam_user, '\0', sizeof(sftppam_user));
+ memset(sftppam_user, '\0', sftppam_userlen);
sstrncpy(sftppam_user, user, sftppam_userlen);

c = find_config(main_server->conf, CONF_PARAM, "SFTPPAMOptions", FALSE);
--
1.8.3.2


------------------------------------------------------------------------------
How ServiceNow helps IT people transform IT departments:
1. Consolidate legacy IT systems to a single system of record for IT
2. Standardize and globalize service processes across IT
3. Implement zero-touch automation to replace manual, redundant tasks
http://pubads.g.doubleclick.net/gampad/clk?id=51271111&iu=/4140/ostg.clktrk
_______________________________________________
ProFTPD Developers List
<proftpd-***@proftpd.org>
https://lists.sou
TJ Saunders
2013-09-13 03:54:32 UTC
Permalink
Post by Sergei Trofimovich
Pass something string size related insteal of 'sizeof(void*)'
(which might overflow).
mod_sftp_pam.c:327:36: warning: argument to ‘sizeof’ in ‘memset’
call is the same expression as the destination; did you mean to
provide an explicit length? [-Wsizeof-pointer-memaccess]
---
contrib/mod_sftp_pam.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/contrib/mod_sftp_pam.c b/contrib/mod_sftp_pam.c
index 0a9de72..ba8f1c5 100644
--- a/contrib/mod_sftp_pam.c
+++ b/contrib/mod_sftp_pam.c
@@ -324,7 +324,7 @@ static int sftppam_driver_open(sftp_kbdint_driver_t
*driver, const char *user) {
exit(1);
}
- memset(sftppam_user, '\0', sizeof(sftppam_user));
+ memset(sftppam_user, '\0', sftppam_userlen);
sstrncpy(sftppam_user, user, sftppam_userlen);
c = find_config(main_server->conf, CONF_PARAM, "SFTPPAMOptions",
FALSE);
This patch has been applied to CVS. Thanks!

Cheers,
TJ


------------------------------------------------------------------------------
How ServiceNow helps IT people transform IT departments:
1. Consolidate legacy IT systems to a single system of record for IT
2. Standardize and globalize service processes across IT
3. Implement zero-touch automation to replace manual, redundant tasks
http://pubads.g.doubleclick.net/gampad/clk?id=51271111&iu=/4140/ostg.clktrk
_______________________________________________
ProFTPD Developers List
<proftpd-***@proftpd.org>
https://lists.sourcefor

Loading...