Fix potential buffer overflow by using dynamic buffer size.

diff --git a/rpmio/macro.c b/rpmio/macro.c
index 52a7bc5..3c2070d 100644 (file)
--- a/rpmio/macro.c
+++ b/rpmio/macro.c
@@ -1080,7 +1080,10 @@ doOutput(MacroBuf mb, int waserror, const char * msg, size_t msglen)
        /*@globals rpmGlobalMacroContext, h_errno, fileSystem @*/
        /*@modifies mb, rpmGlobalMacroContext, fileSystem @*/
 {
-    char buf[BUFSIZ];
+    char *buf;
+
+    buf = alloca(msglen + 1);
+    memset(buf, 0, (msglen + 1));
 
     strncpy(buf, msg, msglen);
     buf[msglen] = '\0';