From fc2b6214542a46f97d7067b2f7df530ed37737a7 Mon Sep 17 00:00:00 2001 From: Antoine Pelisse Date: Sat, 14 Dec 2013 12:31:16 +0100 Subject: Prevent buffer overflows when path is too long Some buffers created with PATH_MAX length are not checked when being written, and can overflow if PATH_MAX is not big enough to hold the path. Replace those buffers by strbufs so that their size is automatically grown if necessary. They are created as static local variables to avoid reallocating memory on each call. Note that prefix_filename() returns this static buffer so each callers should copy or use the string immediately (this is currently true). Reported-by: Wataru Noguchi Signed-off-by: Antoine Pelisse Signed-off-by: Junio C Hamano --- abspath.c | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) (limited to 'abspath.c') diff --git a/abspath.c b/abspath.c index e390994ab..9c908e395 100644 --- a/abspath.c +++ b/abspath.c @@ -215,23 +215,25 @@ const char *absolute_path(const char *path) */ const char *prefix_filename(const char *pfx, int pfx_len, const char *arg) { - static char path[PATH_MAX]; + static struct strbuf path = STRBUF_INIT; #ifndef GIT_WINDOWS_NATIVE if (!pfx_len || is_absolute_path(arg)) return arg; - memcpy(path, pfx, pfx_len); - strcpy(path + pfx_len, arg); + strbuf_reset(&path); + strbuf_add(&path, pfx, pfx_len); + strbuf_addstr(&path, arg); #else char *p; /* don't add prefix to absolute paths, but still replace '\' by '/' */ + strbuf_reset(&path); if (is_absolute_path(arg)) pfx_len = 0; else if (pfx_len) - memcpy(path, pfx, pfx_len); - strcpy(path + pfx_len, arg); - for (p = path + pfx_len; *p; p++) + strbuf_add(&path, pfx, pfx_len); + strbuf_addstr(&path, arg); + for (p = path.buf + pfx_len; *p; p++) if (*p == '\\') *p = '/'; #endif - return path; + return path.buf; } -- cgit v1.2.3