diff options
author | Eric Curtin <ericcurtin17@gmail.com> | 2020-01-31 16:11:35 +0000 |
---|---|---|
committer | Eric Curtin <ericcurtin17@gmail.com> | 2020-01-31 16:11:35 +0000 |
commit | e42d5b4c181e86a4c3f8afd38112be117ca09f67 (patch) | |
tree | ae29a4952e9f8ac6706f7723269acec007d5055d | |
parent | c9c050e97a1d60b5db3d9a088ddbfdfb24ceab10 (diff) | |
download | inotify-tools-e42d5b4c181e86a4c3f8afd38112be117ca09f67.zip inotify-tools-e42d5b4c181e86a4c3f8afd38112be117ca09f67.tar.gz inotify-tools-e42d5b4c181e86a4c3f8afd38112be117ca09f67.tar.bz2 |
Potential buffer overflow where length is larger than 4095
-rw-r--r-- | .gitignore | 2 | ||||
-rw-r--r-- | libinotifytools/src/inotifytools.c | 15 |
2 files changed, 11 insertions, 6 deletions
@@ -37,3 +37,5 @@ man/inotifywatch.1 stamp-h1 README +libinotifytools/src/test + diff --git a/libinotifytools/src/inotifytools.c b/libinotifytools/src/inotifytools.c index fb9d4c9..bde3db3 100644 --- a/libinotifytools/src/inotifytools.c +++ b/libinotifytools/src/inotifytools.c @@ -484,8 +484,9 @@ int inotifytools_str_to_event_sep(char const * event, char sep) { int ret, ret1, len; char * event1, * event2; - char eventstr[4096]; - ret = 0; + static const size_t eventstr_size = 4096; + char eventstr[eventstr_size]; + ret = 0; if ( !event || !event[0] ) return 0; @@ -494,14 +495,16 @@ int inotifytools_str_to_event_sep(char const * event, char sep) { while ( event1 && event1[0] ) { if ( event2 ) { len = event2 - event1; - niceassert( len < 4096, "malformed event string (very long)" ); - } + niceassert(len < eventstr_size, + "malformed event string (very long)"); + } else { len = strlen(event1); } - if ( len > 4095 ) len = 4095; + if (len > eventstr_size - 1) + len = eventstr_size - 1; - if (event2) { + if (event2 || len == eventstr_size - 1) { strncpy(eventstr, event1, len); } else { strcpy(eventstr, event1); |