pwdx: buffer overflow fixed -- thanks Ulf Harnhammar

2006-06-17 05:01:17 +00:00
parent d4a9781d4a
commit ac23e47c3e
2 changed files with 4 additions and 3 deletions
--- a/pwdx.c
+++ b/pwdx.c
@ -35,7 +35,7 @@ static void version(void)

 int main(int argc, char* argv[])
 {
-     char buf[PATH_MAX];
+     char buf[PATH_MAX+1];
     regex_t re;
     int i;

@ -76,9 +76,9 @@ int main(int argc, char* argv[])
          // or nnnn, so a simple check based on the first char is
          // possible
          if (argv[i][0] != '/')
-               sprintf(buf, "/proc/%s/cwd", argv[i]);
+               snprintf(buf, sizeof buf, "/proc/%s/cwd", argv[i]);
          else
-               sprintf(buf, "%s/cwd", argv[i]);
+               snprintf(buf, sizeof buf, "%s/cwd", argv[i]);

          // buf contains /proc/nnnn/cwd symlink name on entry, the
          // target of that symlink on return