diff options
| author | danny <danny@FreeBSD.org> | 1997-02-15 07:10:26 +0000 |
|---|---|---|
| committer | danny <danny@FreeBSD.org> | 1997-02-15 07:10:26 +0000 |
| commit | 3a1f08e0cc4d613747a07135fae13f7eede17aef (patch) | |
| tree | e09a6284f76f854bc764c92339516107a34bd118 /lib/libc/db | |
| parent | 87555db6e86def8759440e96ea218b43d1c199cc (diff) | |
| download | FreeBSD-src-3a1f08e0cc4d613747a07135fae13f7eede17aef.zip FreeBSD-src-3a1f08e0cc4d613747a07135fae13f7eede17aef.tar.gz | |
Reviewed by: Bruce Evans <bde@freebsd.org>
Guard against possible buffer overrun in filename passed.
Another candidate for 2.2.
Diffstat (limited to 'lib/libc/db')
| -rw-r--r-- | lib/libc/db/hash/ndbm.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/lib/libc/db/hash/ndbm.c b/lib/libc/db/hash/ndbm.c index be6ff72..2e8165d 100644 --- a/lib/libc/db/hash/ndbm.c +++ b/lib/libc/db/hash/ndbm.c @@ -47,6 +47,7 @@ static char sccsid[] = "@(#)ndbm.c 8.4 (Berkeley) 7/21/94"; #include <stdio.h> #include <string.h> +#include <errno.h> #include <ndbm.h> #include "hash.h" @@ -70,6 +71,11 @@ dbm_open(file, flags, mode) info.cachesize = 0; info.hash = NULL; info.lorder = 0; + + if( strlen(file) >= sizeof(path) - strlen(DBM_SUFFIX)) { + errno = ENAMETOOLONG; + return(NULL); + } (void)strcpy(path, file); (void)strcat(path, DBM_SUFFIX); return ((DBM *)__hash_open(path, flags, mode, &info, 0)); |
