folkslinux
/
rpm
mirror of https://github.com/rpm-software-management/rpm.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix buffer overflow in macro shell escaping (#253971) 

We know the required buffer size here, no point in using static buffer.
This commit is contained in:
Panu Matilainen 2007-08-27 09:45:53 +03:00
parent f77387df9a
commit ca7b28eb35
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
rpmio/macro.c
View File

@ -597,11 +597,14 @@ doShellEscape(MacroBuf mb, const char * cmd, size_t clen)
/*@globals rpmGlobalMacroContext, h_errno, fileSystem @*/
/*@modifies mb, rpmGlobalMacroContext, fileSystem @*/
{
char pcmd[BUFSIZ];
char *pcmd;
FILE *shf;
int rc;
int c;
pcmd = alloca(clen + 1);
memset(pcmd, 0, (clen + 1));
strncpy(pcmd, cmd, clen);
pcmd[clen] = '\0';
rc = expandU(mb, pcmd, sizeof(pcmd));