Check for possible buffer overflow on very long filenames.

author Paul Smith <psmith@gnu.org>

Sun, 26 Feb 2012 21:34:51 +0000 (21:34 +0000)

committer Paul Smith <psmith@gnu.org>

Sun, 26 Feb 2012 21:34:51 +0000 (21:34 +0000)
author Paul Smith <psmith@gnu.org>
Sun, 26 Feb 2012 21:34:51 +0000 (21:34 +0000)
committer Paul Smith <psmith@gnu.org>
Sun, 26 Feb 2012 21:34:51 +0000 (21:34 +0000)
diff --git a/ChangeLog b/ChangeLog

index ab8e97c..6d16854 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2012-02-26  Paul Smith  <psmith@gnu.org>
+
+       * implicit.c (pattern_search): Check the stem length to avoid
+       stack overflows in stem_str.  Fixes Savannah bug #35525.
+
  2012-02-03  Eli Zaretskii  <eliz@gnu.org>
  
         * w32/subproc/sub_proc.c (proc_stdin_thread, proc_stdout_thread)
diff --git a/implicit.c b/implicit.c

index 96c7b2b..c5f7481 100644 (file)
--- a/implicit.c
+++ b/implicit.c
@@ -488,6 +488,13 @@ pattern_search (struct file *file, int archive,
                dir = pathdir;
              }
  
+          if (stemlen > GET_PATH_MAX)
+            {
+              DBS (DB_IMPLICIT, (_("Stem too long: `%.*s'.\n"),
+                                 (int) stemlen, stem));
+              continue;
+            }
+
            DBS (DB_IMPLICIT, (_("Trying pattern rule with stem `%.*s'.\n"),
                               (int) stemlen, stem));
author	Paul Smith <psmith@gnu.org>
	Sun, 26 Feb 2012 21:34:51 +0000 (21:34 +0000)
committer	Paul Smith <psmith@gnu.org>
	Sun, 26 Feb 2012 21:34:51 +0000 (21:34 +0000)
ChangeLog		patch \| blob \| history
implicit.c		patch \| blob \| history