author | Marc Espie <espie@cvs.openbsd.org> | 2009-06-04 07:19:46 +0000 |
---|---|---|
committer | Marc Espie <espie@cvs.openbsd.org> | 2009-06-04 07:19:46 +0000 |
commit | fc9d0bd3d7bede9e761c8da01efc5d87d4d038f7 (patch) | |
tree | 017f2f0428908b5884f72dca43127e8b4ef8f72e /usr.bin/locate | |
parent | db09891a6feb13ac5efab6efdc7996dcd1c6f701 (diff) |
error out if count gets out of bounds. Happens with corrupted databases,
better than a buffer underflow and a segfault.
okay millert@
Diffstat (limited to 'usr.bin/locate')
-rw-r--r-- | usr.bin/locate/locate/fastfind.c | 6 | ||||
-rw-r--r-- | usr.bin/locate/locate/locate.c | 14 |
2 files changed, 15 insertions, 5 deletions
diff --git a/usr.bin/locate/locate/fastfind.c b/usr.bin/locate/locate/fastfind.c index 599438f29c5..27353a4af4a 100644 --- a/usr.bin/locate/locate/fastfind.c +++ b/usr.bin/locate/locate/fastfind.c @@ -1,4 +1,4 @@ -/* $OpenBSD: fastfind.c,v 1.9 2008/07/26 09:48:00 pyr Exp $ */ +/* $OpenBSD: fastfind.c,v 1.10 2009/06/04 07:19:45 espie Exp $ */ /* * Copyright (c) 1995 Wolfram Schneider <wosch@FreeBSD.org>. Berlin. @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: fastfind.c,v 1.9 2008/07/26 09:48:00 pyr Exp $ + * $Id: fastfind.c,v 1.10 2009/06/04 07:19:45 espie Exp $ */ #ifndef _LOCATE_STATISTIC_ @@ -65,6 +65,7 @@ statistic (fp, path_fcodes) } else count += c - OFFSET; + sane_count(count); for (p = path + count; (c = getc(fp)) > SWITCH; size++) if (c < PARITY) { if (c == UMLAUT) { @@ -211,6 +212,7 @@ fastfind count += c - OFFSET; } + sane_count(count); /* overlay old path */ p = path + count; foundchar = p - 1; diff --git a/usr.bin/locate/locate/locate.c b/usr.bin/locate/locate/locate.c index de9715e239e..e5e214ef002 100644 --- a/usr.bin/locate/locate/locate.c +++ b/usr.bin/locate/locate/locate.c @@ -1,5 +1,5 @@ /* - * $OpenBSD: locate.c,v 1.22 2008/10/01 00:55:10 kevlo Exp $ + * $OpenBSD: locate.c,v 1.23 2009/06/04 07:19:45 espie Exp $ * * Copyright (c) 1995 Wolfram Schneider <wosch@FreeBSD.org>. Berlin. * Copyright (c) 1989, 1993 @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: locate.c,v 1.22 2008/10/01 00:55:10 kevlo Exp $ + * $Id: locate.c,v 1.23 2009/06/04 07:19:45 espie Exp $ */ #ifndef lint @@ -46,7 +46,7 @@ static char copyright[] = #if 0 static char sccsid[] = "@(#)locate.c 8.1 (Berkeley) 6/6/93"; #else -static char rcsid[] = "$OpenBSD: locate.c,v 1.22 2008/10/01 00:55:10 kevlo Exp $"; +static char rcsid[] = "$OpenBSD: locate.c,v 1.23 2009/06/04 07:19:45 espie Exp $"; #endif #endif /* not lint */ 
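Review bot: The new `sane_count(count)` call in `statistic` (and the identical one in the `fastfind` hunk at `@@ -211,6 +212,7 @@`) bounds only the starting offset `path + count`, not the pointer as it advances afterwards. The loop `for (p = path + count; (c = getc(fp)) > SWITCH; size++)` keeps consuming database bytes and its body lies outside the hunk, so it cannot be confirmed from here that `p` is ever compared with the end of `path`. If it is not, a corrupted record with an in-range count but an over-long suffix would still move `p` past the buffer. Re-using the same failure path at the point where `p` is advanced, e.g. `sane_count(p - path);`, would close that gap, assuming `path` is declared with `MAXPATHLEN` elements.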
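Review bot: With `count == 0`, which `sane_count` accepts, the context line `foundchar = p - 1;` right after the new call in `fastfind` forms a pointer one element before `path`. Computing such a pointer is undefined behaviour in C even when it is never dereferenced, and whether it is dereferenced is decided in the part of `fastfind` outside this hunk. Zero is presumably a legitimate count for a record that shares no prefix with the previous one, so the check should not reject it. A comment at the assignment, e.g. `/* count may be 0: foundchar then points before path and must not be dereferenced */`, would at least record the constraint for the next reader.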
@@ -344,6 +344,14 @@ usage(void) exit(1); } +void +sane_count(int count) +{ + if (count < 0 || count >= MAXPATHLEN) { + fprintf(stderr, "locate: corrupted database\n"); + exit(1); + } +} /* load fastfind functions */ |
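Review bot: `sane_count` is added with external linkage and without a comment saying which buffer the `MAXPATHLEN` limit protects. The trailing context `/* load fastfind functions */` suggests fastfind.c is pulled into this translation unit, in which case `static void` would keep the helper out of the global namespace; the include itself is outside the hunk, so confirm before changing linkage. A one-line comment above the function, such as `/* count is used as an offset into path (presumably MAXPATHLEN bytes); a corrupted database can push it out of range */`, would tie the constant to what it guards. The error text also does not say which database file was rejected, which makes triage harder if more than one can be searched.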