summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMarc Espie <espie@cvs.openbsd.org>1999-09-06 12:40:53 +0000
committerMarc Espie <espie@cvs.openbsd.org>1999-09-06 12:40:53 +0000
commit98106995708c715910a89f720a8d798370c2d4df (patch)
treeb9d8aa7a406505d15efad8055d39844fba6a718d
parentf3ee7cdaaa27287692a9c2b5e22d91ab57590820 (diff)
Corrected overflow logic in fullpath.
<subliminal FreeBSD/NetBSD>Oh yeah, baby, you want that one</subliminal :->
-rw-r--r--sbin/fsck_msdos/dir.c25
1 files changed, 14 insertions, 11 deletions
diff --git a/sbin/fsck_msdos/dir.c b/sbin/fsck_msdos/dir.c
index fec934e24fe..a335096bfcf 100644
--- a/sbin/fsck_msdos/dir.c
+++ b/sbin/fsck_msdos/dir.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dir.c,v 1.10 1999/08/30 20:29:35 espie Exp $ */
+/* $OpenBSD: dir.c,v 1.11 1999/09/06 12:40:52 espie Exp $ */
/* $NetBSD: dir.c,v 1.11 1997/10/17 11:19:35 ws Exp $ */
/*
@@ -37,7 +37,7 @@
#ifndef lint
-static char rcsid[] = "$OpenBSD: dir.c,v 1.10 1999/08/30 20:29:35 espie Exp $";
+static char rcsid[] = "$OpenBSD: dir.c,v 1.11 1999/09/06 12:40:52 espie Exp $";
#endif /* not lint */
#include <stdio.h>
@@ -174,20 +174,23 @@ fullpath(dir)
char *cp, *np;
int nl;
- cp = namebuf + sizeof namebuf - 1;
- *cp = '\0';
- do {
+ cp = namebuf + sizeof namebuf;
+ *--cp = '\0';
+ for(;;) {
np = dir->lname[0] ? dir->lname : dir->name;
nl = strlen(np);
- if ((cp -= nl) <= namebuf + 1)
+ /* cf dosDirEntry, sizeof(lname) < MAXPATHLEN, so test is safe */
+ if (cp <= namebuf + 1 + nl) {
+ *--cp = '?';
break;
+ }
+ cp -= nl;
(void)memcpy(cp, np, nl);
+ dir = dir->parent;
+ if (!dir)
+ break;
*--cp = '/';
- } while ((dir = dir->parent) != NULL);
- if (dir != NULL && dir->parent != NULL)
- *--cp = '?';
- else
- cp++;
+ }
return (cp);
}