2004-03-01 Roland McGrath <roland@redhat.com>

* strace.c (main): Avoid potential buffer overruns from ludicrous
	arguments or PATH values.
Roland McGrath 2004-03-02 06:50:04 +00:00
parent 801bf1ff33
commit bdb09df186


@ -417,8 +417,14 @@ char *argv[];
char pathname[MAXPATHLEN]; char pathname[MAXPATHLEN];
filename = argv[optind]; filename = argv[optind];
if (strchr(filename, '/')) if (strchr(filename, '/')) {
if (strlen(filename) > sizeof pathname - 1) {
errno = ENAMETOOLONG;
perror("strace: exec");
exit(1);
}
strcpy(pathname, filename); strcpy(pathname, filename);
}
#ifdef USE_DEBUGGING_EXEC #ifdef USE_DEBUGGING_EXEC
/* /*
* Debuggers customarily check the current directory * Debuggers customarily check the current directory
@ -443,6 +449,8 @@ char *argv[];
getcwd(pathname, MAXPATHLEN); getcwd(pathname, MAXPATHLEN);
len = strlen(pathname); len = strlen(pathname);
} }
else if (n > sizeof pathname - 1)
continue;
else { else {
strncpy(pathname, path, n); strncpy(pathname, path, n);
len = n; len = n;
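Review bot: The new `else if (n > sizeof pathname - 1)` guard in the second hunk bounds only the PATH component, so anything written into `pathname` after `len = n` is still unchecked. The loop body continues past the end of the hunk; if it appends a '/' and `filename` at `pathname + len`, as the `len` bookkeeping suggests, a component just under MAXPATHLEN combined with a long argument can still run past the array. The check should cover both parts, e.g. `else if (n >= sizeof pathname || strlen(filename) + 2 > sizeof pathname - n) continue;`. The `n == 0` branch needs the same bound after `getcwd`, whose return value is also not checked before `strlen(pathname)` reads the buffer.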