projects
/
tinc
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
e97943b
)
Check the return value from snprintf().
author
Guus Sliepen
<guus@tinc-vpn.org>
Sun, 23 Sep 2018 13:20:44 +0000
(15:20 +0200)
committer
Guus Sliepen
<guus@tinc-vpn.org>
Sun, 23 Sep 2018 13:20:44 +0000
(15:20 +0200)
src/conf.c
patch
|
blob
|
history
diff --git
a/src/conf.c
b/src/conf.c
index
c933f09
..
4497b0e
100644
(file)
--- a/
src/conf.c
+++ b/
src/conf.c
@@
-432,7
+432,11
@@
bool read_server_config(void) {
// And we try to read the ones that end with ".conf"
if(l > 5 && !strcmp(".conf", & ep->d_name[ l - 5 ])) {
// And we try to read the ones that end with ".conf"
if(l > 5 && !strcmp(".conf", & ep->d_name[ l - 5 ])) {
- snprintf(fname, sizeof(fname), "%s/%s", dname, ep->d_name);
+ if(snprintf(fname, sizeof(fname), "%s/%s", dname, ep->d_name) >= sizeof(fname)) {
+ logger(LOG_ERR, "Pathname too long: %s/%s", dname, ep->d_name);
+ return false;
+ }
+
x = read_config_file(config_tree, fname);
}
}
x = read_config_file(config_tree, fname);
}
}
@@
-573,7
+577,12
@@
FILE *ask_and_open(const char *filename, const char *what) {
#endif
/* The directory is a relative path or a filename. */
getcwd(directory, sizeof(directory));
#endif
/* The directory is a relative path or a filename. */
getcwd(directory, sizeof(directory));
- snprintf(abspath, sizeof(abspath), "%s/%s", directory, fn);
+
+ if(snprintf(abspath, sizeof(abspath), "%s/%s", directory, fn) >= sizeof(abspath)) {
+ fprintf(stderr, "Pathname too long: %s/%s\n", directory, fn);
+ return NULL;
+ }
+
fn = abspath;
}
fn = abspath;
}