From d5811091995b78d65e891b134aa0ad6955bbc30c Mon Sep 17 00:00:00 2001 From: Jeffrey Altman Date: Sun, 13 Jan 2008 15:32:24 +0000 Subject: [PATCH] cmd-nname-20080113 LICENSE MIT Nname() is used to concatenate two strings and is frequently used with the first string being the name of the executable perhaps with a full path. The static buffer specified is too small for a full path and there was no protection against writing beyond the end of it. --- src/cmd/cmd.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/src/cmd/cmd.c b/src/cmd/cmd.c index b0e504b..2699272 100644 --- a/src/cmd/cmd.c +++ b/src/cmd/cmd.c @@ -40,13 +40,14 @@ static char initcmd_opcode[] = "initcmd"; /*Name of initcmd opcode */ static char * NName(char *a1, char *a2) { - static char tbuffer[80]; + static char tbuffer[300]; if (strlen(a1) == 0) { - return ""; + return ""; } else { - strcpy(tbuffer, a1); - strcat(tbuffer, a2); - return tbuffer; + strncpy(tbuffer, a1, sizeof(tbuffer)); + strncat(tbuffer, a2, sizeof(tbuffer)); + tbuffer[sizeof(tbuffer)-1]='\0'; + return tbuffer; } } -- 1.9.4