diff options
author | Theo de Raadt <deraadt@cvs.openbsd.org> | 1998-07-11 23:17:21 +0000 |
---|---|---|
committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 1998-07-11 23:17:21 +0000 |
commit | 1aaa13d308b09424f78910b7543724848d9cacbd (patch) | |
tree | 7275e3ad7746e702c8fd8e3f60af7303a7a46cb8 /lib/libc/time | |
parent | 6e2cb08a0c7b8530eaa28bca285ffe9da794545a (diff) |
be... slightly more permissive.. but i think this is right, i looked at it for 5 minutes
Diffstat (limited to 'lib/libc/time')
-rw-r--r-- | lib/libc/time/localtime.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/lib/libc/time/localtime.c b/lib/libc/time/localtime.c index a3b0b10ba61..e8154d297ba 100644 --- a/lib/libc/time/localtime.c +++ b/lib/libc/time/localtime.c @@ -5,7 +5,7 @@ #if defined(LIBC_SCCS) && !defined(lint) && !defined(NOID) static char elsieid[] = "@(#)localtime.c 7.64"; -static char rcsid[] = "$OpenBSD: localtime.c,v 1.12 1998/07/11 23:08:53 deraadt Exp $"; +static char rcsid[] = "$OpenBSD: localtime.c,v 1.13 1998/07/11 23:17:20 deraadt Exp $"; #endif /* LIBC_SCCS and not lint */ /* @@ -277,7 +277,7 @@ register struct state * const sp; register int fid; if (name != NULL && issetugid() != 0) - if ((name[0] == ':') || + if ((name[0] == ':' && (strchr(name, '/') || strstr(name, ".."))) || name[0] == '/' || strchr(name, '.')) name = NULL; if (name == NULL && (name = TZDEFAULT) == NULL) @@ -291,7 +291,7 @@ register struct state * const sp; ** to hold the longest file name string that the implementation ** guarantees can be opened." */ - char fullname[FILENAME_MAX + 1]; + char fullname[FILENAME_MAX]; if (name[0] == ':') ++name; @@ -299,7 +299,7 @@ register struct state * const sp; if (!doaccess) { if ((p = TZDIR) == NULL) return -1; - if ((strlen(p) + strlen(name) + 1) >= sizeof fullname) + if ((strlen(p) + 1 + strlen(name)) >= sizeof fullname) return -1; (void) strcpy(fullname, p); (void) strcat(fullname, "/"); |