From fbf9a88fdda1a1ccde68059001448ebeba7884f5 Mon Sep 17 00:00:00 2001 From: Guus Sliepen Date: Mon, 26 Aug 2019 11:22:53 +0200 Subject: [PATCH] Add a missing check for a pathname being too long. --- src/conf.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/src/conf.c b/src/conf.c index 58d7b6d3..3f81877b 100644 --- a/src/conf.c +++ b/src/conf.c @@ -467,9 +467,14 @@ static void disable_old_keys(const char *filename) { return; } - snprintf(tmpfile, sizeof(tmpfile), "%s.tmp", filename); + int len = snprintf(tmpfile, sizeof(tmpfile), "%s.tmp", filename); - w = fopen(tmpfile, "w"); + if(len < 0 || len >= PATH_MAX) { + fprintf(stderr, "Pathname too long: %s.tmp\n", filename); + w = NULL; + } else { + w = fopen(tmpfile, "w"); + } while(fgets(buf, sizeof(buf), r)) { if(!strncmp(buf, "-----BEGIN RSA", 14)) { -- 2.20.1