diff options
author | kris <kris@FreeBSD.org> | 2001-03-03 23:45:43 +0000 |
---|---|---|
committer | kris <kris@FreeBSD.org> | 2001-03-03 23:45:43 +0000 |
commit | 9b07833722e76f7d023c491eaf74bf278221b55d (patch) | |
tree | f4abdc9cc4fe8f868be776baaf9f72d1e7092e58 /contrib/tcsh/sh.c | |
parent | 5e7fc01bd9bf3444f2d8b21ab1c56c1f2d599068 (diff) | |
download | FreeBSD-src-9b07833722e76f7d023c491eaf74bf278221b55d.zip FreeBSD-src-9b07833722e76f7d023c491eaf74bf278221b55d.tar.gz |
Import vendor fix for buffer overflow in HOME environment variable
Diffstat (limited to 'contrib/tcsh/sh.c')
-rw-r--r-- | contrib/tcsh/sh.c | 18 |
1 files changed, 15 insertions, 3 deletions
diff --git a/contrib/tcsh/sh.c b/contrib/tcsh/sh.c index 088d310..0bfa256 100644 --- a/contrib/tcsh/sh.c +++ b/contrib/tcsh/sh.c @@ -528,14 +528,26 @@ main(argc, argv) */ shlvl(1); - if ((tcp = getenv("HOME")) != NULL) - cp = quote(SAVE(tcp)); - else + if ((tcp = getenv("HOME")) != NULL) { + if (strlen(tcp) >= MAXPATHLEN) { + struct passwd *pw; + if ((pw = getpwuid(getuid())) != NULL) + cp = quote(SAVE(pw->pw_dir)); + else { + tcp[MAXPATHLEN-1] = '\0'; + cp = quote(SAVE(tcp)); + } + } else { + cp = quote(SAVE(tcp)); + } + } else cp = NULL; + if (cp == NULL) fast = 1; /* No home -> can't read scripts */ else set(STRhome, cp, VAR_READWRITE); + dinit(cp); /* dinit thinks that HOME == cwd in a login * shell */ /* |