c1c4677aec
in PATH_MAX + 1 bytes from the file. In r281500, strrchr() is used to strip possible path portion of the file name to mitigate a possible attack. Unfortunately, strrchr() expects a buffer that is NUL-terminated, and since we are processing potentially untrusted data, we can not assert that be always true. Solve this by reading in one less byte (now PATH_MAX) and explicitly terminate the buffer after the read size with NUL. Reported by: Coverity CID: 1264915 X-MFC-with: 281500 MFC after: 13 days |
||
|---|---|---|
| .. | ||
| tests | ||
| gzexe | ||
| gzexe.1 | ||
| gzip.1 | ||
| gzip.c | ||
| Makefile | ||
| unbzip2.c | ||
| unpack.c | ||
| unxz.c | ||
| zdiff | ||
| zdiff.1 | ||
| zforce | ||
| zforce.1 | ||
| zmore | ||
| zmore.1 | ||
| znew | ||
| znew.1 | ||
| zuncompress.c | ||