procyberian/emacs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix bug #17334 with overrunning string bounds when PATH is broken.

Browse source 
nt/cmdproxy.c (make_absolute): Don't copy more characters from PATH
 than a single directory name can hold.
This commit is contained in:
Eli Zaretskii 2014-04-26 10:06:33 +03:00
parent 0507406b6c
commit 7ece6d4014
2 changed files with 11 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
nt/ChangeLog
View file

@ -1,3 +1,8 @@
2014-04-26 Eli Zaretskii <eliz@gnu.org>
* cmdproxy.c (make_absolute): Don't copy more characters from PATH
than a single directory name can hold. (Bug#17334)
2014-04-21 Eli Zaretskii <eliz@gnu.org>
* inc/ms-w32.h (lseek): Define only if not already a macro.

8
nt/cmdproxy.c
View file

@ -292,11 +292,15 @@ make_absolute (const char *prog)
while (*path)
{
size_t len;
/* Get next directory from path. */
p = path;
while (*p && *p != ';') p++;
strncpy (dir, path, p - path);
dir[p - path] = '\0';
/* A broken PATH could have too long directory names in it. */
len = min (p - path, sizeof (dir) - 1);
strncpy (dir, path, len);
dir[len] = '\0';
/* Search the directory for the program. */
if (search_dir (dir, prog, MAX_PATH, absname) > 0)