isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Use strlc{at,py} for paranoia's sake and exit on overflow. In all

Browse Source 
cases the strings were either pre-allocated to the correct size of
length checks were done before the copy but a little paranoia can
go a long way.
This commit is contained in:
Todd C. Miller
2003-03-13 20:00:45 +00:00
parent a54c8e66fa
commit eebc763bd3
7 changed files with 72 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
env.c
View File

@@ -213,16 +213,20 @@ format_env(var, val)
char *var;
char *val;
{
char *estring, *p;
size_t varlen, vallen;
char *estring;
size_t esize;
varlen = strlen(var);
vallen = strlen(val);
p = estring = (char *) emalloc(varlen + vallen + 2);
strcpy(p, var);
p += varlen;
*p++ = '=';
strcpy(p, val);
esize = strlen(var) + 1 + strlen(val) + 1;
estring = (char *) emalloc(esize);
/* We pre-allocate enough space, so this should never overflow. */
if (strlcpy(estring, var, esize) >= esize ||
strlcat(estring, "=", esize) >= esize ||
strlcat(estring, val, esize) >= esize) {
(void) fprintf(stderr, "%s: internal error, format_env() overflow\n",
Argv[0]);
exit(1);
}
return(estring);
}