diff options
author | Mark Johnston <markj@FreeBSD.org> | 2020-08-10 17:01:59 +0000 |
---|---|---|
committer | Mark Johnston <markj@FreeBSD.org> | 2020-08-10 17:01:59 +0000 |
commit | 777c9f5a38100652ba864ebf2cf20127d41aade7 (patch) | |
tree | b313d5eee5859a53fb4afde9296003c1248e8db5 /usr.bin/fortune | |
parent | a08d04f4e47535b9db81062d020d10b10e9a4e9d (diff) | |
download | src-test2-777c9f5a38100652ba864ebf2cf20127d41aade7.tar.gz src-test2-777c9f5a38100652ba864ebf2cf20127d41aade7.zip |
fortune, strfile: Improve validation of command-line arguments.
- Avoid potential overflow when parsing a percentage.
- Avoid truncation when copying file paths.
PR: 246050
Submitted by: Akos Somfai <akos.somfai@gmail.com> (original)
MFC after: 1 week
Notes
Notes:
svn path=/head/; revision=364083
Diffstat (limited to 'usr.bin/fortune')
-rw-r--r-- | usr.bin/fortune/fortune/fortune.c | 9 | ||||
-rw-r--r-- | usr.bin/fortune/strfile/strfile.c | 18 |
2 files changed, 19 insertions, 8 deletions
diff --git a/usr.bin/fortune/fortune/fortune.c b/usr.bin/fortune/fortune/fortune.c index af408d6dff1d..724fb4a2372e 100644 --- a/usr.bin/fortune/fortune/fortune.c +++ b/usr.bin/fortune/fortune/fortune.c @@ -400,11 +400,12 @@ form_file_list(char **files, int file_cnt) sp = files[i]; else { percent = 0; - for (sp = files[i]; isdigit((unsigned char)*sp); sp++) + for (sp = files[i]; isdigit((unsigned char)*sp); sp++) { percent = percent * 10 + *sp - '0'; - if (percent > 100) { - fprintf(stderr, "percentages must be <= 100\n"); - return (FALSE); + if (percent > 100) { + fprintf(stderr, "percentages must be <= 100\n"); + return (FALSE); + } } if (*sp == '.') { fprintf(stderr, "percentages must be integers\n"); diff --git a/usr.bin/fortune/strfile/strfile.c b/usr.bin/fortune/strfile/strfile.c index ce28e274fd55..f6cda6cd3900 100644 --- a/usr.bin/fortune/strfile/strfile.c +++ b/usr.bin/fortune/strfile/strfile.c @@ -295,16 +295,26 @@ getargs(int argc, char **argv) if (*argv) { Infile = *argv; - if (*++argv) - strcpy(Outfile, *argv); + if (*++argv) { + if (strlcpy(Outfile, *argv, sizeof(Outfile)) >= + sizeof(Outfile)) { + fprintf(stderr, + "output_file path is too long\n"); + exit(1); + } + } } if (!Infile) { puts("No input file name"); usage(); } if (*Outfile == '\0') { - strlcpy(Outfile, Infile, sizeof(Outfile)); - strlcat(Outfile, ".dat", sizeof(Outfile)); + if ((size_t)snprintf(Outfile, sizeof(Outfile), "%s.dat", + Infile) >= sizeof(Outfile)) { + fprintf(stderr, + "generated output_file path is too long\n"); + exit(1); + } } } |