Source-Changes-HG archive


[src/trunk]: src/games/fortune/strfile strfile: Check that input/output filen...



details:   https://anonhg.NetBSD.org/src/rev/542202a0c3b5
branches:  trunk
changeset: 971608:542202a0c3b5
user:      nia <nia%NetBSD.org@localhost>
date:      Wed Apr 29 20:45:05 2020 +0000

description:
strfile: Check that input/output filenames don't exceed the buffer size

diffstat:

 games/fortune/strfile/strfile.c |  20 ++++++++++++++++----
 1 files changed, 16 insertions(+), 4 deletions(-)

diffs (54 lines):

diff -r 9816e57b413e -r 542202a0c3b5 games/fortune/strfile/strfile.c
--- a/games/fortune/strfile/strfile.c   Wed Apr 29 20:03:52 2020 +0000
+++ b/games/fortune/strfile/strfile.c   Wed Apr 29 20:45:05 2020 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: strfile.c,v 1.38 2013/09/19 00:34:00 uwe Exp $ */
+/*     $NetBSD: strfile.c,v 1.39 2020/04/29 20:45:05 nia Exp $ */
 
 /*-
  * Copyright (c) 1989, 1993
@@ -47,7 +47,7 @@
 #if 0
 static char sccsid[] = "@(#)strfile.c  8.1 (Berkeley) 5/31/93";
 #else
-__RCSID("$NetBSD: strfile.c,v 1.38 2013/09/19 00:34:00 uwe Exp $");
+__RCSID("$NetBSD: strfile.c,v 1.39 2020/04/29 20:45:05 nia Exp $");
 #endif
 #endif /* not lint */
 #endif /* __NetBSD__ */
@@ -267,6 +267,7 @@
        int     ch;
        extern  int optind;
        extern  char *optarg;
+       size_t  len;
 
        while ((ch = getopt(argc, argv, "c:iorsx")) != -1)
                switch(ch) {
@@ -300,14 +301,25 @@
 
        if (*argv) {
                Infile = *argv;
-               if (*++argv)
-                       (void) strcpy(Outfile, *argv);
+               if (*++argv) {
+                       len = strlen(*argv);
+                       if (len >= sizeof(Outfile)) {
+                               puts("Bad output filename");
+                               usage();
+                       }
+                       (void) memcpy(Outfile, *argv, len + 1);
+               }
        }
        if (!Infile) {
                puts("No input file name");
                usage();
        }
        if (*Outfile == '\0') {
+               len = strlen(Infile) + sizeof(".dat");
+               if (len > sizeof(Outfile)) {
+                       puts("Bad input filename");
+                       usage();
+               }
                (void) strcpy(Outfile, Infile);
                (void) strcat(Outfile, ".dat");
        }
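Review bot: Both new length guards in this hunk protect Outfile only if usage() never returns, which is not visible here; if it did return, the `memcpy(Outfile, *argv, len + 1)` and the `strcpy`/`strcat` pair would still run with the oversize name. Confirm usage() is declared `__dead`, or add `/* NOTREACHED */` after each `usage();` so the dependency is explicit. The two comparisons differ (`>=` versus `>`) because the second `len` already includes the terminator through `sizeof(".dat")`; a comment such as `/* sizeof(".dat") counts the trailing NUL */` above that assignment would keep a later edit from "fixing" it into an off-by-one. The messages could also say what is wrong with the name, e.g. `puts("Output filename too long");`. The enclosing function starts and ends outside the hunk.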


