pwdx: buffer overflow fixed -- thanks Ulf Harnhammar

2006-06-17 05:01:17 +00:00 · 2006-06-17 05:01:17 +00:00 · ac23e47c3e
commit ac23e47c3e
parent d4a9781d4a
2 changed files with 4 additions and 3 deletions
--- a/1
+++ b/1
@ -5,6 +5,7 @@ top: terabytes -- thanks Tony Ernst
 ps: SCHED_BATCH is B
 ps: fix s format (signals) output with thread display
 watch: avoid integer overflow for the time delay
+pwdx: buffer overflow fixed -- thanks Ulf Harnhammar

 procps-3.2.5 --> procps-3.2.6

--- a/pwdx.c
+++ b/pwdx.c
@ -35,7 +35,7 @@ static void version(void)

 int main(int argc, char* argv[])
 {
-     char buf[PATH_MAX];
+     char buf[PATH_MAX+1];
     regex_t re;
     int i;

@ -76,9 +76,9 @@ int main(int argc, char* argv[])
          // or nnnn, so a simple check based on the first char is
          // possible
          if (argv[i][0] != '/')
-               sprintf(buf, "/proc/%s/cwd", argv[i]);
+               snprintf(buf, sizeof buf, "/proc/%s/cwd", argv[i]);
          else
-               sprintf(buf, "%s/cwd", argv[i]);
+               snprintf(buf, sizeof buf, "%s/cwd", argv[i]);

          // buf contains /proc/nnnn/cwd symlink name on entry, the
          // target of that symlink on return