Import vendor fix for buffer overflow in HOME environment variable

author: kris <kris@FreeBSD.org> 2001-03-03 23:45:43 +0000
committer: kris <kris@FreeBSD.org> 2001-03-03 23:45:43 +0000
commit: 9b07833722e76f7d023c491eaf74bf278221b55d (patch)
tree: f4abdc9cc4fe8f868be776baaf9f72d1e7092e58 /contrib/tcsh/sh.c
parent: 5e7fc01bd9bf3444f2d8b21ab1c56c1f2d599068 (diff)
download: FreeBSD-src-9b07833722e76f7d023c491eaf74bf278221b55d.zip
FreeBSD-src-9b07833722e76f7d023c491eaf74bf278221b55d.tar.gz
1 files changed, 15 insertions, 3 deletions
diff --git a/contrib/tcsh/sh.c b/contrib/tcsh/sh.c
index 088d310..0bfa256 100644
--- a/contrib/tcsh/sh.c
+++ b/contrib/tcsh/sh.c
@@ -528,14 +528,26 @@ main(argc, argv)
      */
     shlvl(1);
 
-    if ((tcp = getenv("HOME")) != NULL)
-	cp = quote(SAVE(tcp));
-    else
+    if ((tcp = getenv("HOME")) != NULL) {
+	if (strlen(tcp) >= MAXPATHLEN) {
+	    struct passwd *pw;
+	    if ((pw = getpwuid(getuid())) != NULL)
+		cp = quote(SAVE(pw->pw_dir));
+	    else {
+		tcp[MAXPATHLEN-1] = '\0';
+		cp = quote(SAVE(tcp));
+	    }
+	} else {
+	    cp = quote(SAVE(tcp));
+	}
+    } else
 	cp = NULL;
+
     if (cp == NULL)
 	fast = 1;		/* No home -> can't read scripts */
     else
 	set(STRhome, cp, VAR_READWRITE);
+
     dinit(cp);			/* dinit thinks that HOME == cwd in a login
 				 * shell */
     /*
author	kris <kris@FreeBSD.org>	2001-03-03 23:45:43 +0000
committer	kris <kris@FreeBSD.org>	2001-03-03 23:45:43 +0000
commit	9b07833722e76f7d023c491eaf74bf278221b55d (patch)
tree	f4abdc9cc4fe8f868be776baaf9f72d1e7092e58 /contrib/tcsh/sh.c
parent	5e7fc01bd9bf3444f2d8b21ab1c56c1f2d599068 (diff)
download	FreeBSD-src-9b07833722e76f7d023c491eaf74bf278221b55d.zip FreeBSD-src-9b07833722e76f7d023c491eaf74bf278221b55d.tar.gz