diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 1999-12-06 19:10:39 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 1999-12-06 19:10:39 +0000 |
| commit | 75ec15f00fb83c263f35612c0196153f18ced297 (patch) | |
| tree | a59f13ed1639879e4d470dd6a4b975b8ed5e7312 /usr.bin/ssh/tildexpand.c | |
| parent | dfd07300d1c73f8ba8353f4fa63af80ec13a9cec (diff) | |
check for ~ expansion past MAXPATHLEN
Diffstat (limited to 'usr.bin/ssh/tildexpand.c')
| -rw-r--r-- | usr.bin/ssh/tildexpand.c | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/usr.bin/ssh/tildexpand.c b/usr.bin/ssh/tildexpand.c index 3345c0fd2ab..4ecb785be53 100644 --- a/usr.bin/ssh/tildexpand.c +++ b/usr.bin/ssh/tildexpand.c @@ -6,7 +6,7 @@ */ #include "includes.h" -RCSID("$Id: tildexpand.c,v 1.5 1999/11/24 19:53:54 markus Exp $"); +RCSID("$Id: tildexpand.c,v 1.6 1999/12/06 19:10:38 deraadt Exp $"); #include "xmalloc.h" #include "ssh.h" @@ -23,6 +23,7 @@ tilde_expand_filename(const char *filename, uid_t my_uid) char *expanded; struct passwd *pw; char user[100]; + int len; /* Return immediately if no tilde. */ if (filename[0] != '~') @@ -56,7 +57,10 @@ tilde_expand_filename(const char *filename, uid_t my_uid) return xstrdup(pw->pw_dir); } /* Build a path combining the specified directory and path. */ - expanded = xmalloc(strlen(pw->pw_dir) + strlen(cp + 1) + 2); - sprintf(expanded, "%s/%s", pw->pw_dir, cp + 1); + len = strlen(pw->pw_dir) + strlen(cp + 1) + 2; + if (len > MAXPATHLEN) + fatal("Home directory too long (%d > %d", len-1, MAXPATHLEN-1); + expanded = xmalloc(len); + snprintf(expanded, len, "%s/%s", pw->pw_dir, cp + 1); return expanded; } |