[haiku-commits] r39954 - haiku/trunk/src/add-ons/kernel/file_systems/ntfs
- From: mmlr@xxxxxxxx
- To: haiku-commits@xxxxxxxxxxxxx
- Date: Mon, 27 Dec 2010 00:07:18 +0100 (CET)
Author: mmlr
Date: 2010-12-27 00:07:18 +0100 (Mon, 27 Dec 2010)
New Revision: 39954
Changeset: http://dev.haiku-os.org/changeset/39954
Modified:
haiku/trunk/src/add-ons/kernel/file_systems/ntfs/ntfsdir.c
Log:
* CID 2195: sizeof() was used on the buffer pointer instead of the type.
* Use strlcpy() instead of memcpy() to ensure that the dirent is properly
terminated.
Modified: haiku/trunk/src/add-ons/kernel/file_systems/ntfs/ntfsdir.c
===================================================================
--- haiku/trunk/src/add-ons/kernel/file_systems/ntfs/ntfsdir.c 2010-12-26
22:42:28 UTC (rev 39953)
+++ haiku/trunk/src/add-ons/kernel/file_systems/ntfs/ntfsdir.c 2010-12-26
23:07:18 UTC (rev 39954)
@@ -164,12 +164,13 @@
}
status_t
-fs_readdir( fs_volume *_vol, fs_vnode *_node, void *_cookie, struct dirent
*buf, size_t bufsize, uint32 *num )
+fs_readdir(fs_volume *_vol, fs_vnode *_node, void *_cookie, struct dirent *buf,
+ size_t bufsize, uint32 *num)
{
nspace *ns = (nspace*)_vol->private_volume;
vnode *node = (vnode*)_node->private_node;
dircookie *cookie = (dircookie*)_cookie;
- uint32 nameLength = bufsize - sizeof(buf) + 1, realLen;
+ uint32 nameLength = bufsize - sizeof(struct dirent), realLen;
int result = B_NO_ERROR;
ntfs_inode *ni=NULL;
@@ -196,11 +197,11 @@
result = ntfs_readdir(ni, &cookie->pos, cookie,
(ntfs_filldir_t)_ntfs_dirent_filler);
- realLen = nameLength>255?255:nameLength;
+ realLen = nameLength > 255 ? 255 : nameLength;
buf->d_dev = ns->id;
buf->d_ino = cookie->ino;
- memcpy(buf->d_name,cookie->name, realLen+1);
- buf->d_reclen = sizeof(buf) + realLen - 1;
+ strlcpy(buf->d_name, cookie->name, realLen + 1);
+ buf->d_reclen = sizeof(struct dirent) + realLen;
if(result==0)
cookie->last = 1;
Other related posts:
- » [haiku-commits] r39954 - haiku/trunk/src/add-ons/kernel/file_systems/ntfs - mmlr
