diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 1997-04-02 17:21:25 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 1997-04-02 17:21:25 +0000 |
| commit | 374183326222a4c5006d9d68869416f49675611b (patch) | |
| tree | b4f10ea93166f9d280f11018f6c86229af58dc4a /usr.bin/msgs | |
| parent | 1a15f254dd87b49c3d1974dc2440c5d59cc07e73 (diff) | |
buf oflows, thanks imp & millert
Diffstat (limited to 'usr.bin/msgs')
| -rw-r--r-- | usr.bin/msgs/msgs.c | 20 |
1 files changed, 11 insertions, 9 deletions
diff --git a/usr.bin/msgs/msgs.c b/usr.bin/msgs/msgs.c index 2615e96f5b9..9fa92e808e7 100644 --- a/usr.bin/msgs/msgs.c +++ b/usr.bin/msgs/msgs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: msgs.c,v 1.7 1997/04/02 08:28:01 deraadt Exp $ */ +/* $OpenBSD: msgs.c,v 1.8 1997/04/02 17:21:24 deraadt Exp $ */ /* $NetBSD: msgs.c,v 1.7 1995/09/28 06:57:40 tls Exp $ */ /*- @@ -44,7 +44,7 @@ static char copyright[] = #if 0 static char sccsid[] = "@(#)msgs.c 8.2 (Berkeley) 4/28/95"; #else -static char rcsid[] = "$OpenBSD: msgs.c,v 1.7 1997/04/02 08:28:01 deraadt Exp $"; +static char rcsid[] = "$OpenBSD: msgs.c,v 1.8 1997/04/02 17:21:24 deraadt Exp $"; #endif #endif /* not lint */ @@ -113,8 +113,8 @@ FILE *msgsrc; FILE *newmsg; char *sep = "-"; char inbuf[BUFSIZ]; -char fname[128]; -char cmdbuf[128]; +char fname[MAXPATHLEN]; +char cmdbuf[MAXPATHLEN + MAXPATHLEN]; char subj[128]; char from[128]; char date[128]; @@ -822,11 +822,13 @@ FILE *infile; frompos = ftell(infile); ptr = from; in = nxtfld(inbuf); - if (*in) while (*in && *in > ' ') { - if (*in == ':' || *in == '@' || *in == '!') - local = NO; - *ptr++ = *in++; - /* what about sizeof from ? */ + if (*in) { + while (*in && *in > ' ' && + ptr - from < sizeof from -1) { + if (*in == ':' || *in == '@' || *in == '!') + local = NO; + *ptr++ = *in++; + } } *ptr = NULL; if (*(in = nxtfld(in))) |