There is a chance that the input string is larger than size, and on VMS,
this wasn't checked and could possibly be exploitable (slim chance, but still)
This commit is contained in:
Richard Levitte
parent
c1febe86d1
commit
1af4d83565
1 changed files with 10 additions and 3 deletions
13
apps/apps.c
13
apps/apps.c
|
|
@ -228,9 +228,16 @@ void program_name(char *in, char *out, int size)
|
|||
|
||||
q=strrchr(p,'.');
|
||||
if (q == NULL)
|
||||
q = in+size;
|
||||
strncpy(out,p,q-p);
|
||||
out[q-p]='\0';
|
||||
q = p + strlen(p);
|
||||
strncpy(out,p,size-1);
|
||||
if (q-p >= size)
|
||||
{
|
||||
out[size-1]='\0';
|
||||
}
|
||||
else
|
||||
{
|
||||
out[q-p]='\0';
|
||||
}
|
||||
}
|
||||
#else
|
||||
void program_name(char *in, char *out, int size)
|
||||
|
|
|
|||
Loading…
Reference in a new issue