Fix a buffer overflow by using strncpy() instead of strcpy().
Also, use strdup() instead of malloc()/strcpy(). PR: 64164
This commit is contained in:
parent
3d634dba70
commit
c4c326cf1d
@ -49,6 +49,7 @@ __FBSDID("$FreeBSD$");
|
||||
|
||||
#include <ctype.h>
|
||||
#include <err.h>
|
||||
#include <limits.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
@ -171,10 +172,10 @@ void
|
||||
set_profile(void)
|
||||
{
|
||||
FILE *f;
|
||||
char fname[BUFSIZ];
|
||||
char fname[PATH_MAX];
|
||||
static char prof[] = ".indent.pro";
|
||||
|
||||
sprintf(fname, "%s/%s", getenv("HOME"), prof);
|
||||
snprintf(fname, sizeof(fname), "%s/%s", getenv("HOME"), prof);
|
||||
if ((f = fopen(option_source = fname, "r")) != NULL) {
|
||||
scan_profile(f);
|
||||
(void) fclose(f);
|
||||
@ -288,10 +289,9 @@ set_option(char *arg)
|
||||
if (*param_start == 0)
|
||||
goto need_param;
|
||||
{
|
||||
char *str = (char *) malloc(strlen(param_start) + 1);
|
||||
char *str = strdup(param_start);
|
||||
if (str == NULL)
|
||||
err(1, NULL);
|
||||
strcpy(str, param_start);
|
||||
addkey(str, 4);
|
||||
}
|
||||
break;
|
||||
|
Loading…
Reference in New Issue
Block a user