From 3a1f08e0cc4d613747a07135fae13f7eede17aef Mon Sep 17 00:00:00 2001
From: danny <danny@FreeBSD.org>
Date: Sat, 15 Feb 1997 07:10:26 +0000
Subject: Reviewed by:	Bruce Evans <bde@freebsd.org>

Guard against possible buffer overrun in filename passed.
Another candidate for 2.2.
---
 lib/libc/db/hash/ndbm.c | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'lib/libc')

diff --git a/lib/libc/db/hash/ndbm.c b/lib/libc/db/hash/ndbm.c
index be6ff72..2e8165d 100644
--- a/lib/libc/db/hash/ndbm.c
+++ b/lib/libc/db/hash/ndbm.c
@@ -47,6 +47,7 @@ static char sccsid[] = "@(#)ndbm.c	8.4 (Berkeley) 7/21/94";
 
 #include <stdio.h>
 #include <string.h>
+#include <errno.h>
 
 #include <ndbm.h>
 #include "hash.h"
@@ -70,6 +71,11 @@ dbm_open(file, flags, mode)
 	info.cachesize = 0;
 	info.hash = NULL;
 	info.lorder = 0;
+
+	if( strlen(file) >= sizeof(path) - strlen(DBM_SUFFIX)) {
+		errno = ENAMETOOLONG;
+		return(NULL);
+	}
 	(void)strcpy(path, file);
 	(void)strcat(path, DBM_SUFFIX);
 	return ((DBM *)__hash_open(path, flags, mode, &info, 0));
-- 
cgit v1.1