From 0b697dfdc6e1be4175c9c84fe306374e3fcfc7e1 Mon Sep 17 00:00:00 2001
From: kris <kris@FreeBSD.org>
Date: Fri, 4 Aug 2000 06:25:30 +0000
Subject: Prevent buffer overflows.

---
 lib/libz/minigzip.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'lib/libz')

diff --git a/lib/libz/minigzip.c b/lib/libz/minigzip.c
index ba4b2dc..e8a61b1 100644
--- a/lib/libz/minigzip.c
+++ b/lib/libz/minigzip.c
@@ -200,6 +200,11 @@ void file_compress(file, mode)
     FILE  *in;
     gzFile out;
 
+    if (strlen(file) + strlen(GZ_SUFFIX) >= sizeof(outfile)) {
+        fprintf(stderr, "%s: nilename too long\n", prog);
+        exit(1);	    
+    }
+    
     strcpy(outfile, file);
     strcat(outfile, GZ_SUFFIX);
 
@@ -231,6 +236,11 @@ void file_uncompress(file)
     gzFile in;
     int len = strlen(file);
 
+    if (len + strlen(GZ_SUFFIX) >= sizeof(buf)) {
+        fprintf(stderr, "%s: filename too long\n", prog);
+        exit(1);	    
+    }
+
     strcpy(buf, file);
 
     if (len > SUFFIX_LEN && strcmp(file+len-SUFFIX_LEN, GZ_SUFFIX) == 0) {
-- 
cgit v1.1