Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/usr.bin/gzip avoid an overflow in suffix handling, from Xin ...
details: https://anonhg.NetBSD.org/src/rev/e674ec132e8f
branches: trunk
changeset: 748039:e674ec132e8f
user: mrg <mrg%NetBSD.org@localhost>
date: Sun Oct 11 07:09:39 2009 +0000
description:
avoid an overflow in suffix handling, from Xin LI <delphij%delphij.net@localhost>.
diffstat:
usr.bin/gzip/gzip.c | 9 ++++++---
1 files changed, 6 insertions(+), 3 deletions(-)
diffs (44 lines):
diff -r fda23267b443 -r e674ec132e8f usr.bin/gzip/gzip.c
--- a/usr.bin/gzip/gzip.c Sun Oct 11 07:07:54 2009 +0000
+++ b/usr.bin/gzip/gzip.c Sun Oct 11 07:09:39 2009 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: gzip.c,v 1.95 2009/10/11 07:07:54 mrg Exp $ */
+/* $NetBSD: gzip.c,v 1.96 2009/10/11 07:09:39 mrg Exp $ */
/*
* Copyright (c) 1997, 1998, 2003, 2004, 2006 Matthew R. Green
@@ -30,7 +30,7 @@
#ifndef lint
__COPYRIGHT("@(#) Copyright (c) 1997, 1998, 2003, 2004, 2006\
Matthew R. Green. All rights reserved.");
-__RCSID("$NetBSD: gzip.c,v 1.95 2009/10/11 07:07:54 mrg Exp $");
+__RCSID("$NetBSD: gzip.c,v 1.96 2009/10/11 07:09:39 mrg Exp $");
#endif /* not lint */
/*
@@ -146,6 +146,7 @@
#undef SUFFIX
};
#define NUM_SUFFIXES (sizeof suffixes / sizeof suffixes[0])
+#define SUFFIX_MAXLEN 30
static const char gzip_version[] = "NetBSD gzip 20060927";
@@ -334,6 +335,8 @@
case 'S':
len = strlen(optarg);
if (len != 0) {
+ if (len > SUFFIX_MAXLEN)
+ errx(1, "incorrect suffix: '%s'", optarg);
suffixes[0].zipped = optarg;
suffixes[0].ziplen = len;
} else {
@@ -1200,7 +1203,7 @@
/* Add (usually) .gz to filename */
if ((size_t)snprintf(outfile, outsize, "%s%s",
file, suffixes[0].zipped) >= outsize)
- memcpy(outfile - suffixes[0].ziplen - 1,
+ memcpy(outfile + outsize - suffixes[0].ziplen - 1,
suffixes[0].zipped, suffixes[0].ziplen + 1);
#ifndef SMALL
Home |
Main Index |
Thread Index |
Old Index