From: Sunmin Lee <sunm.lee@samsung.com>
Date: Wed, 14 Dec 2016 03:51:31 +0000 (+0900)
Subject: crash-manager: make secure program
X-Git-Tag: accepted/tizen/3.0/common/20161215.163612^0
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=31472ebf0024fc84e562c1afad933659703ec51b;p=platform%2Fcore%2Fsystem%2Fcrash-worker.git

crash-manager: make secure program

- Use secure function (strncat)
- Prevent buffer overrun

Change-Id: I47acf1bb39c0be123a486116f811b78f30d6ff01
Signed-off-by: Sunmin Lee <sunm.lee@samsung.com>
---

diff --git a/src/crash-manager/crash-manager.c b/src/crash-manager/crash-manager.c
index a80b3f6..a61f063 100644
--- a/src/crash-manager/crash-manager.c
+++ b/src/crash-manager/crash-manager.c
@@ -424,14 +424,16 @@ static void dump_system_state(void)
 
 static void execute_crash_modules(int argc, char *argv[], int debug)
 {
-	int ret, i;
+	int ret, i, length;
 	char arg_append[PATH_MAX];
 	char command[PATH_MAX];
 
+	length = 0;
 	arg_append[0] = '\0';
-	for (i = 1; i < argc; i++) {
-		strcat(arg_append, argv[i]);
-		strcat(arg_append, " ");
+	for (i = 1; i < argc && length + strlen(argv[i]) + 1 < PATH_MAX; i++) {
+		strncat(arg_append, argv[i], strlen(argv[i]));
+		strncat(arg_append, " ", 1);
+		length += strlen(argv[i]) + 1;
 	}
 
 	/* Execute crash-pipe */