summaryrefslogtreecommitdiff
path: root/sys/gnu/ext2fs/ext2_vfsops.c
diff options
context:
space:
mode:
Diffstat (limited to 'sys/gnu/ext2fs/ext2_vfsops.c')
-rw-r--r--sys/gnu/ext2fs/ext2_vfsops.c16
1 files changed, 11 insertions, 5 deletions
diff --git a/sys/gnu/ext2fs/ext2_vfsops.c b/sys/gnu/ext2fs/ext2_vfsops.c
index 5ef3819025a5..263db6dcf090 100644
--- a/sys/gnu/ext2fs/ext2_vfsops.c
+++ b/sys/gnu/ext2fs/ext2_vfsops.c
@@ -192,7 +192,11 @@ ext2_mount(mp, path, data, ndp, p)
int error, flags;
mode_t accessmode;
- if ((error = copyin(data, (caddr_t)&args, sizeof (struct ufs_args))) != 0)
+ /* Double-check the length of path.. */
+ if (strlen(path) >= MAXMNTLEN - 1)
+ return (ENAMETOOLONG);
+ error = copyin(data, (caddr_t)&args, sizeof (struct ufs_args));
+ if (error != 0)
return (error);
/*
* If updating, check whether changing from read-only to
@@ -308,10 +312,12 @@ ext2_mount(mp, path, data, ndp, p)
}
ump = VFSTOUFS(mp);
fs = ump->um_e2fs;
- (void) copyinstr(path, fs->fs_fsmnt, sizeof(fs->fs_fsmnt) - 1, &size);
- bzero(fs->fs_fsmnt + size, sizeof(fs->fs_fsmnt) - size);
- bcopy((caddr_t)fs->fs_fsmnt, (caddr_t)mp->mnt_stat.f_mntonname,
- MNAMELEN);
+ /*
+ * Note that this strncpy() is ok because of a check at the start
+ * of ext2_mount().
+ */
+ strncpy(fs->fs_fsmnt, path, MAXMNTLEN);
+ fs->fs_fsmnt[MAXMNTLEN - 1] = '\0';
(void) copyinstr(args.fspec, mp->mnt_stat.f_mntfromname, MNAMELEN - 1,
&size);
bzero(mp->mnt_stat.f_mntfromname + size, MNAMELEN - size);
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-05 05:17:45 +0000