diff options
author | Ray Lai <ray@cvs.openbsd.org> | 2007-05-27 21:14:07 +0000 |
---|---|---|
committer | Ray Lai <ray@cvs.openbsd.org> | 2007-05-27 21:14:07 +0000 |
commit | 85facf0ed7d20fd6e060f4b25b388cfe820f51a1 (patch) | |
tree | 040a30fc6e94820dc095705f8d6257b13b4f38bd /usr.bin | |
parent | dc9ca1095f77ac006e267a8710593f67afe492ae (diff) |
Add bounds check for cvs command arguments. Initial diff by Tobias
Stoeckmann, rearranged to "if (num_items >= BUFSIZ)" format for
readability.
I would have liked to allow our cvs client to accept as many arguments
as the system would allow, but the argument parsing code is surprising
hairy.
OK niallo@.
Diffstat (limited to 'usr.bin')
-rw-r--r-- | usr.bin/cvs/cvs.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/usr.bin/cvs/cvs.c b/usr.bin/cvs/cvs.c index 19b6a3ed96d..07189832b90 100644 --- a/usr.bin/cvs/cvs.c +++ b/usr.bin/cvs/cvs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cvs.c,v 1.127 2007/05/27 04:12:32 ray Exp $ */ +/* $OpenBSD: cvs.c,v 1.128 2007/05/27 21:14:06 ray Exp $ */ /* * Copyright (c) 2006, 2007 Joris Vink <joris@openbsd.org> * Copyright (c) 2004 Jean-Francois Brousseau <jfb@openbsd.org> @@ -233,6 +233,8 @@ main(int argc, char **argv) cmd_argc += ret; } + if (argc + cmd_argc >= CVS_CMD_MAXARG) + fatal("main: too many arguments for `%s'", cmd_argv[0]); for (ret = 1; ret < argc; ret++) cmd_argv[cmd_argc++] = argv[ret]; |