On Mon, Jun 01, 2015 at 03:30:38PM +0200, Corinna Vinschen wrote:
> Hi,
>
> On May 29 17:12, Damien Miller wrote:
> > Hi,
> >
> > OpenSSH 6.9 is almost ready for release, so we would appreciate testing
> > on as many platforms and systems as possible. This release contains
> > some substantial new features and a number of bugfixes.
>
> I tested git master HEAD on Cygwin 2.0.2 x86_64.

Thanks! I'd like to add this small Cygwin change, could you please sanity-check?

diff --git a/openbsd-compat/bsd-cygwin_util.c b/openbsd-compat/bsd-cygwin_util.c index a2d8212..8672ccf 100644 --- a/openbsd-compat/bsd-cygwin_util.c +++ b/openbsd-compat/bsd-cygwin_util.c @@ -68,7 +68,7 @@ cygwin_ssh_privsep_user() if (cygwin_internal (CW_CYGNAME_FROM_WINNAME, "sshd", cyg_privsep_user, sizeof cyg_privsep_user) != 0) #endif - strcpy (cyg_privsep_user, "sshd"); + strlcpy(cyg_privsep_user, "sshd", sizeof(cyg_privsep_user)); } return cyg_privsep_user; }

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
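Review bot: on the added strlcpy() line the return value is discarded, so a destination too small for "sshd" would be truncated silently instead of being caught. Since the source is a 5-byte constant, either check that the return value is less than sizeof(cyg_privsep_user) or assert the buffer size at compile time. Note also that sizeof(cyg_privsep_user) is the buffer length only while cyg_privsep_user is an array; its declaration is outside the hunk, though the context line above already passes sizeof cyg_privsep_user to cygwin_internal as a length. The new line's spacing (strlcpy( and sizeof(...)) also differs from the context lines' cygwin_internal ( and sizeof cyg_privsep_user, if the file's own style matters here.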
Hi Darren,

On Jun 2 11:39, Darren Tucker wrote:
> On Mon, Jun 01, 2015 at 03:30:38PM +0200, Corinna Vinschen wrote:
> > Hi,
> >
> > On May 29 17:12, Damien Miller wrote:
> > > Hi,
> > >
> > > OpenSSH 6.9 is almost ready for release, so we would appreciate testing
> > > on as many platforms and systems as possible. This release contains
> > > some substantial new features and a number of bugfixes.
> >
> > I tested git master HEAD on Cygwin 2.0.2 x86_64.
>
> Thanks! I'd like to add this small Cygwin change, could you please
> sanity-check?
>
> diff --git a/openbsd-compat/bsd-cygwin_util.c b/openbsd-compat/bsd-cygwin_util.c > index a2d8212..8672ccf 100644 > --- a/openbsd-compat/bsd-cygwin_util.c > +++ b/openbsd-compat/bsd-cygwin_util.c > @@ -68,7 +68,7 @@ cygwin_ssh_privsep_user() > if (cygwin_internal (CW_CYGNAME_FROM_WINNAME, "sshd", cyg_privsep_user, > sizeof cyg_privsep_user) != 0) > #endif > - strcpy (cyg_privsep_user, "sshd"); > + strlcpy(cyg_privsep_user, "sshd", sizeof(cyg_privsep_user)); > } > return cyg_privsep_user; > }

that patch is fine, albeit not really necessary. The source string is a
constant string of 5 bytes and the target buffer size is guaranteed to
be larger than 5 bytes (DNLEN = 15, UNLEN = 256).

Thanks,
Corinna

-- 
Corinna Vinschen
Cygwin Maintainer
Red Hat
On Tue, Jun 2, 2015 at 6:44 PM, Corinna Vinschen <vinschen at redhat.com> wrote:
[...]
> that patch is fine, albeit not really necessary.

Thanks.

> The source string is a
> constant string of 5 bytes and the target buffer size is guaranteed to
> be larger than 5 bytes (DNLEN = 15, UNLEN = 256).

Assuming DNLEN and UNLEN don't change in future :-)

Anyway I'd like to be able to do "#pragma GCC poison strcpy" or
__attribute__((deprecated)) + -Werror or something one day to help stop
problematic functions creeping in where it might matter (assuming I can
figure out a way to do it without increasing the cost of keeping in sync
with OpenBSD).

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
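What the strcpy poisoning mentioned in the last message looks like in practice, as an added example that is not OpenSSH code or part of the thread. bounded_copy and set_user_name are hypothetical names, and bounded_copy stands in for strlcpy, which not every libc provides. System headers come before the pragma because a poisoned identifier is rejected wherever it appears afterwards.

```c
#include <stddef.h>
#include <string.h>	/* must precede the poison pragma: it declares strcpy */

/*
 * Hypothetical stand-in with strlcpy() semantics: copy at most dsize - 1
 * bytes, always NUL-terminate when dsize > 0, and return strlen(src) so
 * the caller can detect truncation (return value >= dsize).
 */
static size_t
bounded_copy(char *dst, const char *src, size_t dsize)
{
	size_t srclen = strlen(src);

	if (dsize != 0) {
		size_t n = srclen < dsize - 1 ? srclen : dsize - 1;

		memcpy(dst, src, n);
		dst[n] = '\0';
	}
	return srclen;
}

/*
 * From this point on, any appearance of the identifier strcpy in this
 * translation unit is a hard compile error under GCC and Clang.
 */
#if defined(__GNUC__)
#pragma GCC poison strcpy
#endif

/*
 * Hypothetical helper: store a fixed name in a caller-supplied buffer and
 * report truncation instead of ignoring it. Returns 0 on success, -1 if
 * the name did not fit (the buffer then holds a truncated, terminated copy).
 */
static int
set_user_name(char *buf, size_t bufsize, const char *name)
{
	return bounded_copy(buf, name, bufsize) < bufsize ? 0 : -1;
}
```

Adding a strcpy call anywhere below the pragma makes the build fail with "attempt to use poisoned", which is the enforcement the message asks for; the cost is that every header declaring the function has to be included first.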