From: Alan Cox Date: Thu, 21 May 2015 22:38:02 +0000 (+0100) Subject: uud/uue: fix buffer length checking X-Git-Url: https://git.ndcode.org/public/gitweb.cgi?a=commitdiff_plain;h=3ed428e31ccd0c1a42a5d4ddbe2a739f580dd5dc;p=FUZIX.git uud/uue: fix buffer length checking --- diff --git a/Applications/util/uud.c b/Applications/util/uud.c index 6ddb6cf1..f2c796d4 100644 --- a/Applications/util/uud.c +++ b/Applications/util/uud.c @@ -110,10 +110,10 @@ int main(int argc, char *argv[]) strcpy(ifname, ""); } else { if (source != NULL) { - strcpy(ifname, source); - strcat(ifname, curarg); + strlcpy(ifname, source, sizeof(ifname)); + strlcat(ifname, curarg, sizeof(ifname)); } else { - strcpy(ifname, curarg); + strlcpy(ifname, curarg, sizeof(ifname)); } if ((inpf = fopen(ifname, "r")) == NULL) { printf("uud: Can't open %s\n", ifname); @@ -176,10 +176,10 @@ int main(int argc, char *argv[]) malformed_begin(); if (target != NULL) { - strcpy(ofname, target); - strcat(ofname, dest); + strlcpy(ofname, target, sizeof(ofname)); + strlcat(ofname, dest, sizeof(ofname)); } else { - strcpy(ofname, dest); + strlcpy(ofname, dest, sizeof(ofname)); } if ((outf = fopen(ofname, "w")) == NULL) { /* binary! */ @@ -406,10 +406,10 @@ void getfile(char *buf) printf("uud: Missing include file name.\n"); exit(17); } else if (source != NULL) { - strcpy(ifname, source); - strcat(ifname, pos); + strlcpy(ifname, source, sizeof(ifname)); + strlcat(ifname, pos, sizeof(ifname)); } else { - strcpy(ifname, pos); + strlcpy(ifname, pos, sizeof(ifname)); } if (access(ifname, 04)) { diff --git a/Applications/util/uue.c b/Applications/util/uue.c index a6e664a8..28c8c2e0 100644 --- a/Applications/util/uue.c +++ b/Applications/util/uue.c @@ -73,7 +73,7 @@ int main(int argc, char *argv[]) fname = argv[1] + strlen(argv[1]); while (fname > argv[1] && fname[-1] != '/') fname--; - strcpy(ofname, fname); + strlcpy(ofname, fname, sizeof(ofname)); fname = ofname; do { if (*fname == '.') *fname = '\0';