25 lines
720 B
Diff
25 lines
720 B
Diff
From 6382711e9b0060bbd0408df512e48b2ce9cdb3be Mon Sep 17 00:00:00 2001
|
|
From: William Hubbs <w.d.hubbs@gmail.com>
|
|
Date: Tue, 22 Jun 2010 14:16:45 -0500
|
|
Subject: [PATCH] fix possible buffer overflow in get_path
|
|
|
|
If a pathname is longer than CFG_MAX_FILENAME, there was a possible
|
|
buffer overflow when copying the path name.
|
|
---
|
|
src/dotconf.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/src/dotconf.c b/src/dotconf.c
|
|
index af553b3..7ba2001 100644
|
|
--- a/src/dotconf.c
|
|
+++ b/src/dotconf.c
|
|
@@ -1440,7 +1440,7 @@ char *get_path(char *name)
|
|
} else {
|
|
len = tmp - name + 1;
|
|
if (len > CFG_MAX_FILENAME)
|
|
- len -= 1;
|
|
+ len = CFG_MAX_FILENAME;
|
|
}
|
|
snprintf(buf, len, "%s", name);
|
|
return buf;
|