author | Todd C. Miller <millert@cvs.openbsd.org> | 2016-01-14 22:02:14 +0000 |
---|---|---|
committer | Todd C. Miller <millert@cvs.openbsd.org> | 2016-01-14 22:02:14 +0000 |
commit | 8852df864997502f809e46873e5b07bb7bd7f53d (patch) | |
tree | 589f0bc72864c4ce48408b2719177ff8dcc9f7b9 | |
parent | b5afa366698e0b484bbd4f87536dd4a3cf92b4eb (diff) |
Check the return value of snprintf() for potential overflow instead
of doing a manual check beforehand.
-rw-r--r-- | usr.bin/which/which.c | 16 |
1 files changed, 7 insertions, 9 deletions
diff --git a/usr.bin/which/which.c b/usr.bin/which/which.c
index 749207deae1..76cab1eedc0 100644
--- a/usr.bin/which/which.c
+++ b/usr.bin/which/which.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: which.c,v 1.24 2016/01/14 22:00:53 millert Exp $ */
+/* $OpenBSD: which.c,v 1.25 2016/01/14 22:02:13 millert Exp $ */
 /*
 * Copyright (c) 1997 Todd C. Miller <Todd.Miller@courtesan.com>
@@ -98,7 +98,7 @@ int
 findprog(char *prog, char *path, int progmode, int allmatches)
 {
 char *p, filename[PATH_MAX];
- int proglen, plen, rval = 0;
+ int len, rval = 0;
 struct stat sbuf;
 char *pathcpy;
@@ -118,22 +118,20 @@ findprog(char *prog, char *path, int progmode, int allmatches)
 err(1, "strdup");
 pathcpy = path;
- proglen = strlen(prog);
 while ((p = strsep(&pathcpy, ":")) != NULL) {
 if (*p == '\0')
 p = ".";
- plen = strlen(p);
- while (plen > 0 && p[plen-1] == '/')
- p[--plen] = '\0'; /* strip trailing '/' */
+ len = strlen(p);
+ while (len > 0 && p[len-1] == '/')
+ p[--len] = '\0'; /* strip trailing '/' */
- if (plen + 1 + proglen >= sizeof(filename)) {
+ len = snprintf(filename, sizeof(filename), "%s/%s", p, prog);
+ if (len < 0 || len >= sizeof(filename)) {
 warnc(ENAMETOOLONG, "%s/%s", p, prog);
 free(path);
 return (0);
 }
-
- snprintf(filename, sizeof(filename), "%s/%s", p, prog);
 if ((stat(filename, &sbuf) == 0) && S_ISREG(sbuf.st_mode) && access(filename, X_OK) == 0) {
 (void)puts(filename); |
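Review bot: In the new check `if (len < 0 || len >= sizeof(filename))` in the third hunk, `len` is an `int` compared against a `size_t`, so the test is correct only because `len < 0` is evaluated first. Writing it as `if (len < 0 || (size_t)len >= sizeof(filename))` makes that dependency explicit and keeps -Wsign-compare quiet. The same `len` now holds both the stripped directory length and the snprintf() result, so a short comment such as `/* reject truncated names so stat()/access() never see a shortened path */` would record why the return value is checked. On the error path the unchanged context lines still run `free(path); return (0);`, which appears to abandon the remaining PATH entries and any earlier match recorded in `rval`. Whether that is intended cannot be confirmed here, because findprog() continues beyond this hunk.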