mirror of
https://git.savannah.gnu.org/git/make.git
synced 2024-12-24 12:58:39 +00:00
Avoid overwriting buffers with long pathnames
Reported, with initial patch, by Gisle Vanem <gvanem@online.no> * src/main.c (find_and_set_default_shell) [W32]: Pass search_token directly to w32ify: no need to make a copy first. When we need to construct a path, use snprintf() to be sure we don't overwrite the locally-allocated buffer. * src/w32/pathstuff.c (w32ify) [W32]: Use the malloc version of _fullpath(), followed by strncpy(), to avoid overwriting buffers.
This commit is contained in:
parent
59abb46bc9
commit
97e51c0285
2 changed files with 15 additions and 11 deletions
14
src/main.c
14
src/main.c
|
@ -941,7 +941,6 @@ find_and_set_default_shell (const char *token)
|
|||
char *atoken = 0;
|
||||
const char *search_token;
|
||||
const char *tokend;
|
||||
PATH_VAR(sh_path);
|
||||
extern const char *default_shell;
|
||||
|
||||
if (!token)
|
||||
|
@ -965,8 +964,7 @@ find_and_set_default_shell (const char *token)
|
|||
{
|
||||
batch_mode_shell = 1;
|
||||
unixy_shell = 0;
|
||||
sprintf (sh_path, "%s", search_token);
|
||||
default_shell = xstrdup (w32ify (sh_path, 0));
|
||||
default_shell = xstrdup (w32ify (search_token, 0));
|
||||
DB (DB_VERBOSE, (_("find_and_set_shell() setting default_shell = %s\n"),
|
||||
default_shell));
|
||||
sh_found = 1;
|
||||
|
@ -980,8 +978,7 @@ find_and_set_default_shell (const char *token)
|
|||
else if (_access (search_token, 0) == 0)
|
||||
{
|
||||
/* search token path was found */
|
||||
sprintf (sh_path, "%s", search_token);
|
||||
default_shell = xstrdup (w32ify (sh_path, 0));
|
||||
default_shell = xstrdup (w32ify (search_token, 0));
|
||||
DB (DB_VERBOSE, (_("find_and_set_shell() setting default_shell = %s\n"),
|
||||
default_shell));
|
||||
sh_found = 1;
|
||||
|
@ -1001,9 +998,11 @@ find_and_set_default_shell (const char *token)
|
|||
|
||||
while (ep && *ep)
|
||||
{
|
||||
PATH_VAR (sh_path);
|
||||
|
||||
*ep = '\0';
|
||||
|
||||
sprintf (sh_path, "%s/%s", p, search_token);
|
||||
snprintf (sh_path, GET_PATH_MAX, "%s/%s", p, search_token);
|
||||
if (_access (sh_path, 0) == 0)
|
||||
{
|
||||
default_shell = xstrdup (w32ify (sh_path, 0));
|
||||
|
@ -1025,7 +1024,8 @@ find_and_set_default_shell (const char *token)
|
|||
/* be sure to check last element of Path */
|
||||
if (p && *p)
|
||||
{
|
||||
sprintf (sh_path, "%s/%s", p, search_token);
|
||||
PATH_VAR (sh_path);
|
||||
snprintf (sh_path, GET_PATH_MAX, "%s/%s", p, search_token);
|
||||
if (_access (sh_path, 0) == 0)
|
||||
{
|
||||
default_shell = xstrdup (w32ify (sh_path, 0));
|
||||
|
|
|
@ -100,13 +100,17 @@ w32ify(const char *filename, int resolve)
|
|||
char *p;
|
||||
|
||||
if (resolve)
|
||||
_fullpath(w32_path, filename, sizeof (w32_path));
|
||||
{
|
||||
char *fp = _fullpath (NULL, filename, sizeof (w32_path));
|
||||
strncpy (w32_path, fp, sizeof (w32_path));
|
||||
free (fp);
|
||||
}
|
||||
else
|
||||
strncpy(w32_path, filename, sizeof (w32_path));
|
||||
strncpy(w32_path, filename, sizeof (w32_path));
|
||||
|
||||
for (p = w32_path; p && *p; p++)
|
||||
if (*p == '\\')
|
||||
*p = '/';
|
||||
if (*p == '\\')
|
||||
*p = '/';
|
||||
|
||||
return w32_path;
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue