From a502a6d2f5b5cada715d3e6ac68fa7afd7ccf992 Mon Sep 17 00:00:00 2001 From: Joris Vink Date: Thu, 7 Jul 2005 15:52:27 +0000 Subject: more snprintf(3) checks, check against the correct size of the buffer, close RCSFILE on error. ok xsa@ --- usr.bin/cvs/status.c | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) (limited to 'usr.bin') diff --git a/usr.bin/cvs/status.c b/usr.bin/cvs/status.c index 651038c68c7..8febd9f5d0f 100644 --- a/usr.bin/cvs/status.c +++ b/usr.bin/cvs/status.c @@ -1,4 +1,4 @@ -/* $OpenBSD: status.c,v 1.33 2005/07/07 15:10:17 xsa Exp $ */ +/* $OpenBSD: status.c,v 1.34 2005/07/07 15:52:26 joris Exp $ */ /* * Copyright (c) 2004 Jean-Francois Brousseau * All rights reserved. @@ -225,19 +225,28 @@ cvs_status_local(CVSFILE *cf, void *arg) rcsnum_tostr(cf->cf_lrev, buf, sizeof(buf))); } - if (len == -1 || len >= (int)sizeof(len)) + if (len == -1 || len >= (int)sizeof(buf)) { + if (rf != NULL) + rcs_close(rf); return (CVS_EX_DATA); + } cvs_printf(" Working revision:\t%s\n", buf); if (cf->cf_cvstat == CVS_FST_UNKNOWN) { - snprintf(buf, sizeof(buf), "%s", "No revision control file\n"); + len = snprintf(buf, sizeof(buf), "No revision control file\n"); } else { - snprintf(buf, sizeof(buf), "%s\t%s", + len = snprintf(buf, sizeof(buf), "%s\t%s", rcsnum_tostr(rf->rf_head, numbuf, sizeof(numbuf)), rcspath); } + if (len == -1 || len >= (int)sizeof(buf)) { + if (rf != NULL) + rcs_close(rf); + return (CVS_EX_DATA); + } + cvs_printf(" Repository revision:\t%s\n", buf); /* If the file is unknown, no other output is needed after this. */ -- cgit v1.2.3