File: fix_c_arg_overflow

package info (click to toggle)

sash 3.8-7

links: PTS, VCS
area: main
in suites: forky, sid, trixie
size: 768 kB
sloc: ansic: 8,177; makefile: 47; sh: 10

file content (16 lines) | stat: -rw-r--r-- 489 bytes

Description: fix a buffer overflow with a very long command line
Origin: https://gitweb.gentoo.org/repo/gentoo.git/tree/app-shells/sash/files/sash-3.7-builtin.patch

--- a/sash.c
+++ b/sash.c
@@ -727,6 +727,10 @@ command(const char * cmd)
 	while (*endCmd && !isBlank(*endCmd))
 		endCmd++;
 
+	/* FIXME: command line will segv with -c 12000bytes -solar */
+	if ((endCmd - cmd) >= sizeof(cmdName))
+		return FALSE;
+
 	memcpy(cmdName, cmd, endCmd - cmd);
 
 	cmdName[endCmd - cmd] = '\0';