diff options
| author | Erwan Le Blond <erwan.LEBLOND@eurogiciel.fr> | 2013-03-05 18:37:14 +0100 |
|---|---|---|
| committer | Erwan Le Blond <erwan.LEBLOND@eurogiciel.fr> | 2013-03-05 18:37:14 +0100 |
| commit | 5ef4ddb08fe5663433eb38ff607a33eaffec0a7b (patch) | |
| tree | e72f0fc1bfbebe7ef55061d9c7905b53bd57a30e | |
| parent | 009c22e49d4f9bd7a41ba5dd7413f33c34e73f45 (diff) | |
| download | cdrkit-5ef4ddb08fe5663433eb38ff607a33eaffec0a7b.tar.gz cdrkit-5ef4ddb08fe5663433eb38ff607a33eaffec0a7b.tar.bz2 cdrkit-5ef4ddb08fe5663433eb38ff607a33eaffec0a7b.zip | |
patch : fix buffer overflows
| -rw-r--r-- | wodim/scsi_cdr.c | 35 |
1 files changed, 21 insertions, 14 deletions
diff --git a/wodim/scsi_cdr.c b/wodim/scsi_cdr.c index fbb8270..72f0fcd 100644 --- a/wodim/scsi_cdr.c +++ b/wodim/scsi_cdr.c @@ -2181,26 +2181,31 @@ getdev(SCSI *usalp, BOOL print) if (inq->add_len == 0) { if (usalp->dev == DEV_UNKNOWN && got_inquiry) { usalp->dev = DEV_ACB5500; - strcpy(inq->vendor_info, - "ADAPTEC ACB-5500 FAKE"); + strncpy(inq->vendor_info, "ADAPTEC ", 8); + strncpy(inq->prod_ident, "ACB-5500 ", 16); + strncpy(inq->prod_revision, "FAKE", 4); } else switch (usalp->dev) { case DEV_ACB40X0: - strcpy(inq->vendor_info, - "ADAPTEC ACB-40X0 FAKE"); + strncpy(inq->vendor_info, "ADAPTEC ", 8); + strncpy(inq->prod_ident, "ACB-40X0 ", 16); + strncpy(inq->prod_revision, "FAKE", 4); break; case DEV_ACB4000: - strcpy(inq->vendor_info, - "ADAPTEC ACB-4000 FAKE"); + strncpy(inq->vendor_info, "ADAPTEC ", 8); + strncpy(inq->prod_ident, "ACB-4000 ", 16); + strncpy(inq->prod_revision, "FAKE", 4); break; case DEV_ACB4010: - strcpy(inq->vendor_info, - "ADAPTEC ACB-4010 FAKE"); + strncpy(inq->vendor_info, "ADAPTEC ", 8); + strncpy(inq->prod_ident, "ACB-4010 ", 16); + strncpy(inq->prod_revision, "FAKE", 4); break; case DEV_ACB4070: - strcpy(inq->vendor_info, - "ADAPTEC ACB-4070 FAKE"); + strncpy(inq->vendor_info, "ADAPTEC ", 8); + strncpy(inq->prod_ident, "ACB-4070 ", 16); + strncpy(inq->prod_revision, "FAKE", 4); break; } } else if (inq->add_len < 31) { @@ -2230,14 +2235,16 @@ getdev(SCSI *usalp, BOOL print) case INQ_SEQD: if (usalp->dev == DEV_SC4000) { - strcpy(inq->vendor_info, - "SYSGEN SC4000 FAKE"); + strncpy(inq->vendor_info, "SYSGEN ", 8); + strncpy(inq->prod_ident, "SC4000 ", 16); + strncpy(inq->prod_revision, "FAKE", 4); } else if (inq->add_len == 0 && inq->removable && inq->ansi_version == 1) { usalp->dev = DEV_MT02; - strcpy(inq->vendor_info, - "EMULEX MT02 FAKE"); + strncpy(inq->vendor_info, "EMULEX ", 8); + strncpy(inq->prod_ident, "MT02 ", 16); + strncpy(inq->prod_revision, "FAKE", 4); } break; |