diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 1999-12-06 01:47:59 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 1999-12-06 01:47:59 +0000 |
| commit | 4919495250b016635daa63d27059ea2a2bc1b323 (patch) | |
| tree | 762e7591924c67a4d0b6a149e0846ec82f1e63a3 /distrib | |
| parent | 9fe9b2eb8444f5699cd673ec7f4c1376a290f092 (diff) | |
oflow fixes; provos
Diffstat (limited to 'distrib')
| -rw-r--r-- | distrib/crunch/crunchgen/crunchgen.c | 62 |
1 files changed, 46 insertions, 16 deletions
diff --git a/distrib/crunch/crunchgen/crunchgen.c b/distrib/crunch/crunchgen/crunchgen.c index c91d934dea6..d3c5ccffaf4 100644 --- a/distrib/crunch/crunchgen/crunchgen.c +++ b/distrib/crunch/crunchgen/crunchgen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: crunchgen.c,v 1.14 1997/09/07 20:08:53 millert Exp $ */ +/* $OpenBSD: crunchgen.c,v 1.15 1999/12/06 01:47:58 deraadt Exp $ */ /* * Copyright (c) 1994 University of Maryland * All Rights Reserved. @@ -136,14 +136,31 @@ int main(int argc, char **argv) case 'f': readcache = 0; break; case 'q': verbose = 0; break; - case 'm': strcpy(outmkname, optarg); break; - case 'c': strcpy(outcfname, optarg); break; - case 'e': strcpy(execfname, optarg); break; - - case 'D': strcpy(topdir, optarg); break; - case 'E' : elf_names = 1; break; - case 'L': strcpy(libdir, optarg); break; - + case 'm': + if (strlcpy(outmkname, optarg, sizeof(outmkname)) >= + sizeof(outmkname)) + usage(); + break; + case 'c': + if (strlcpy(outcfname, optarg, sizeof(outcfname)) >= + sizeof(outcfname)) + usage(); + break; + case 'e': + if (strlcpy(execfname, optarg, sizeof(execfname)) >= + sizeof(execfname)) + usage(); + break; + + case 'D': + if (strlcpy(topdir, optarg, sizeof(topdir)) >= sizeof(topdir)) + usage(); + break; + case 'E': elf_names = 1; break; + case 'L': + if (strlcpy(libdir, optarg, sizeof(libdir)) >= sizeof(libdir)) + usage(); + break; case '?': default: usage(); } @@ -158,7 +175,9 @@ int main(int argc, char **argv) * generate filenames */ - strcpy(infilename, argv[0]); + if (strlcpy(infilename, argv[0], sizeof(infilename)) >= + sizeof(infilename)) + usage(); /* confname = `basename infilename .conf` */ @@ -296,14 +315,25 @@ void add_srcdirs(int argc, char **argv) { int i; char tmppath[MAXPATHLEN]; + int overflow; for(i=1;i<argc;i++) { - if (argv[i][0] == '/' || topdir[0] == '\0') - strcpy(tmppath, argv[i]); - else { - strcpy(tmppath, topdir); - strcat(tmppath, "/"); - strcat(tmppath, argv[i]); + overflow = 0; + if (argv[i][0] == '/' || topdir[0] == '\0') { + if (strlcpy(tmppath, argv[i], sizeof(tmppath)) >= sizeof(tmppath)) + overflow = 1; + continue; + } else { + if (strlcpy(tmppath, topdir, sizeof(tmppath)) >= sizeof(tmppath)|| + strlcat(tmppath, "/", sizeof(tmppath)) >= sizeof(tmppath) || + strlcat(tmppath, argv[i], sizeof(tmppath)) >= sizeof(tmppath)) + overflow = 1; + } + if (overflow) { + goterror = 1; + fprintf(stderr, "%s:%d: `%.40s...' is too long, skipping it.\n", + curfilename, linenum, argv[i]); + continue; } if(is_dir(tmppath)) add_string(&srcdirs, tmppath); |