diff options
author | Jens Rehsack <sno@netbsd.org> | 2020-02-24 10:52:21 +0100 |
---|---|---|
committer | Paul Smith <psmith@gnu.org> | 2020-03-31 00:48:57 -0400 |
commit | d3a53d5d16acb6db90e39a02889aea88b5241bfc (patch) | |
tree | a9f8d3bd91dca1c6c7cbcc391ee512c4793486bd | |
parent | 1306023a4f0bbae1721a6f323d52c8e4e16ca287 (diff) | |
download | make-d3a53d5d16acb6db90e39a02889aea88b5241bfc.tar.gz |
* src/dir.c (local_stat): [WINDOWS32] Fix buffer-overflow warning.
[SV 57888] Provide space for the path to use MAXPATHLEN plus nul.
Signed-off-by: Jens Rehsack <sno@netbsd.org>
Copyright-paperwork-exempt: yes
-rw-r--r-- | src/dir.c | 8 |
1 files changed, 4 insertions, 4 deletions
@@ -1286,13 +1286,13 @@ local_stat (const char *path, struct stat *buf) /* Make sure the parent of "." exists and is a directory, not a file. This is because 'stat' on Windows normalizes the argument foo/. => foo without checking first that foo is a directory. */ - if (plen > 1 && path[plen - 1] == '.' + if (plen > 2 && path[plen - 1] == '.' && (path[plen - 2] == '/' || path[plen - 2] == '\\')) { - char parent[MAXPATHLEN]; + char parent[MAXPATHLEN+1]; - strncpy (parent, path, plen - 2); - parent[plen - 2] = '\0'; + strncpy (parent, path, MAXPATHLEN); + parent[MIN(plen - 2, MAXPATHLEN)] = '\0'; if (stat (parent, buf) < 0 || !_S_ISDIR (buf->st_mode)) return -1; } |