diff options
author | Niels Provos <provos@cvs.openbsd.org> | 1999-12-04 01:01:08 +0000 |
---|---|---|
committer | Niels Provos <provos@cvs.openbsd.org> | 1999-12-04 01:01:08 +0000 |
commit | 37a56eed99073283673f4c65bf406c6c658c8068 (patch) | |
tree | bf295c33d94bdf22fc858d6528bbf96118c03d1d /usr.bin/patch/util.c | |
parent | a64909a2d7f7ce668a1531fa33db963234985274 (diff) |
avoid overflows
Diffstat (limited to 'usr.bin/patch/util.c')
-rw-r--r-- | usr.bin/patch/util.c | 21 |
1 files changed, 12 insertions, 9 deletions
diff --git a/usr.bin/patch/util.c b/usr.bin/patch/util.c index f4f3bb8db11..432e0980bb8 100644 --- a/usr.bin/patch/util.c +++ b/usr.bin/patch/util.c @@ -1,7 +1,7 @@ -/* $OpenBSD: util.c,v 1.6 1999/01/11 00:16:32 marc Exp $ */ +/* $OpenBSD: util.c,v 1.7 1999/12/04 01:01:07 provos Exp $ */ #ifndef lint -static char rcsid[] = "$OpenBSD: util.c,v 1.6 1999/01/11 00:16:32 marc Exp $"; +static char rcsid[] = "$OpenBSD: util.c,v 1.7 1999/12/04 01:01:07 provos Exp $"; #endif /* not lint */ #include "EXTERN.h" @@ -45,18 +45,21 @@ char *from, *to; } if (origprae) { - Strcpy(bakname, origprae); - Strcat(bakname, to); + if (strlcpy(bakname, origprae, sizeof(bakname)) >= sizeof(bakname) || + strlcat(bakname, to, sizeof(bakname)) >= sizeof(bakname)) + fatal2("filename %s too long for buffer\n", origprae); } else { #ifndef NODIR char *backupname = find_backup_file_name(to); if (backupname == (char *) 0) fatal1("out of memory\n"); - Strcpy(bakname, backupname); + if (strlcpy(bakname, backupname, sizeof(bakname)) >= sizeof(bakname)) + fatal2("filename %s too long for buffer\n", backupname); free(backupname); #else /* NODIR */ - Strcpy(bakname, to); - Strcat(bakname, simple_backup_suffix); + if (strlcpy(bakname, to, sizeof(bakname)) >= sizeof(bakname) || + strlcat(bakname, simple_backup_suffix, sizeof(bakname)) >= sizeof(bakname)) + fatal2("filename %s too long for buffer\n", to); #endif /* NODIR */ } @@ -79,7 +82,7 @@ char *from, *to; if (*s) *s = toupper(*s); else - Strcpy(simplename, simplename+1); + strcpy(simplename, simplename+1); } while (unlink(bakname) >= 0) ; /* while() is for benefit of Eunice */ #ifdef DEBUGGING @@ -358,7 +361,7 @@ bool striplast; if (stat(tmpbuf, &sbuf) && errno == ENOENT) { while (*s) s++; *s++ = ' '; - strcpy(s, tmpbuf); + strlcpy(s, tmpbuf, strlen(s) + 1); } *dirv[i] = '/'; } |