generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

There is a chance that the input string is larger than size, and on VMS,

Browse Source 
this wasn't checked and could possibly be exploitable (slim chance, but still)
This commit is contained in:
Richard Levitte 2002-05-29 08:31:45 +00:00
parent 405ac901c9
commit b093ef7445
1 changed files with 10 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
apps/apps.c
View File

@ -310,9 +310,16 @@ void program_name(char *in, char *out, int size)
q=strrchr(p,'.'); q=strrchr(p,'.');
if (q == NULL) if (q == NULL)
q = in+size; q = p + strlen(p);
strncpy(out,p,q-p); strncpy(out,p,size-1);
out[q-p]='\0'; if (q-p >= size)
{
out[size-1]='\0';
}
else
{
out[q-p]='\0';
}
} }
#else #else
void program_name(char *in, char *out, int size) void program_name(char *in, char *out, int size)