Changeset 15292 in project


Ignore:
Timestamp:
07/31/09 21:50:25 (10 years ago)
Author:
felix winkelmann
Message:

applied patch by zbigniew for fixing various buffer overflows (#61)

File:
1 edited

Legend:

Unmodified
Added
Removed
  • chicken/trunk/runtime.c

    r15291 r15292  
    38763876    int n = C_header_size(msg);
    38773877
     3878    if (n >= sizeof(buffer))
     3879      n = sizeof(buffer) - 1;
    38783880    C_strncpy(buffer, (C_char *)C_data_pointer(msg), n);
    38793881    buffer[ n ] = '\0';
     
    39053907  int n = C_header_size(msg);
    39063908
     3909  if (n >= sizeof(buffer))
     3910    n = sizeof(buffer) - 1;
    39073911  C_strncpy(buffer, (C_char *)((C_SCHEME_BLOCK *)msg)->data, n);
    39083912  buffer[ n ] = '\0';
     
    73037307    buf[ n ] = '\0';
    73047308    n = C_header_size(mode);
     7309    if (n >= sizeof(fmode)) n = sizeof(fmode) - 1;
    73057310    C_strncpy(fmode, C_c_string(mode), n);
    73067311    fmode[ n ] = '\0';
     
    80008005      t, f1, f2, f3;
    80018006  int len = C_header_size(name);
     8007  char *buffer2;
    80028008
    80038009#ifdef _MSC_VER
     
    80068012  struct stat buf;
    80078013#endif
    8008   C_strncpy(buffer, C_c_string(name), len);
    8009   buffer[ len ] = '\0';
     8014
     8015  buffer2 = buffer;
     8016  if(len >= sizeof(buffer)) {
     8017    if((buffer2 = (char *)C_malloc(len + 1)) == NULL)
     8018      barf(C_OUT_OF_MEMORY_ERROR, "stat");
     8019  }
     8020  C_strncpy(buffer2, C_c_string(name), len);
     8021  buffer2[ len ] = '\0';
    80108022
    80118023#ifdef _MSC_VER
    8012   if(_stat(buffer, &buf) != 0) v = C_SCHEME_FALSE;
     8024  if(_stat(buffer2, &buf) != 0) v = C_SCHEME_FALSE;
    80138025#else
    8014   if(stat(buffer, &buf) != 0) v = C_SCHEME_FALSE;
     8026  if(stat(buffer2, &buf) != 0) v = C_SCHEME_FALSE;
    80158027#endif
    80168028  else {
     
    80328044                 C_fix(buf.st_size), C_fix(t), C_fix(buf.st_mode), C_fix(buf.st_uid) );
    80338045  }
     8046
     8047  if (buffer2 != buffer)
     8048    free(buffer2);
    80348049
    80358050  C_kontinue(k, v);
Note: See TracChangeset for help on using the changeset viewer.