hardenedbsd/HardenedBSD
1
0
Fork 0
mirror of https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git synced 2024-12-22 17:24:23 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fix potential buffer overflow when using gtags.

Browse Source 
Submitted by:	Shigio Yamaguchi [3]shigio@wafu.netgate.net (gtags author)
PR:		bin/7607
This commit is contained in:
Tim Vanderhoek 1999-08-22 03:48:31 +00:00
parent 5e7a62b28b
commit a173eb9a01
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=50142
1 changed files with 34 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
contrib/nvi/ex/ex_tag.c
View File

@ -47,7 +47,7 @@ static int compare __P((char *, char *, char *));
static void ctag_file __P((SCR *, TAGF *, char *, char **, size_t *)); static void ctag_file __P((SCR *, TAGF *, char *, char **, size_t *));
static int ctag_search __P((SCR *, char *, size_t, char *)); static int ctag_search __P((SCR *, char *, size_t, char *));
#ifdef GTAGS #ifdef GTAGS
static int getentry __P((char *, char *, char *, char *)); static int getentry __P((char *, char **, char **, char **));
static TAGQ *gtag_slist __P((SCR *, char *, int)); static TAGQ *gtag_slist __P((SCR *, char *, int));
#endif #endif
static int ctag_sfile __P((SCR *, TAGF *, TAGQ *, char *)); static int ctag_sfile __P((SCR *, TAGF *, TAGQ *, char *));
@ -1013,30 +1013,40 @@ notfound: tag_msg(sp, TAG_SEARCH, tag);
*/ */
static int static int
getentry(buf, tag, file, line) getentry(buf, tag, file, line)
char *buf, *tag, *file, *line; char *buf, **tag, **file, **line;
{ {
char *p; char *p = buf;
p = tag; for (*tag = p; *p && !isspace(*p); p++) /* tag name */
while (*buf && !isspace(*buf)) /* tag name */ ;
*p++ = *buf++; if (*p == 0)
*p = 0; goto err;
while (*buf && isspace(*buf)) /* skip blanks */ *p++ = 0;
buf++; for (; *p && isspace(*p); p++) /* (skip blanks) */
p = line; ;
while (*buf && !isspace(*buf)) /* line no */ if (*p == 0)
*p++ = *buf++; goto err;
*p = 0; *line = p; /* line no */
while (*buf && isspace(*buf)) /* skip blanks */ for (*line = p; *p && !isspace(*p); p++)
buf++; ;
p = file; if (*p == 0)
while (*buf && !isspace(*buf)) /* file name */ goto err;
*p++ = *buf++; *p++ = 0;
for (; *p && isspace(*p); p++) /* (skip blanks) */
;
if (*p == 0)
goto err;
*file = p; /* file name */
for (*file = p; *p && !isspace(*p); p++)
;
if (*p == 0)
goto err;
*p = 0; *p = 0;
/* value check */ /* value check */
if (strlen(tag) && strlen(line) && strlen(file) && atoi(line) > 0) if (strlen(*tag) && strlen(*line) && strlen(*file) && atoi(*line) > 0)
return 1; /* OK */ return 1; /* OK */
err:
return 0; /* ERROR */ return 0; /* ERROR */
} }
@ -1056,9 +1066,9 @@ gtag_slist(sp, tag, ref)
size_t len; size_t len;
int echk; int echk;
TAG *tp; TAG *tp;
static char name[80], file[200], line[10]; char *name, *file, *line;
char command[200]; char command[BUFSIZ];
char buf[BUFSIZ+1]; char buf[BUFSIZ];
FILE *fp; FILE *fp;
/* Allocate and initialize the tag queue structure. */ /* Allocate and initialize the tag queue structure. */
@ -1072,7 +1082,7 @@ gtag_slist(sp, tag, ref)
* Find the tag, only display missing file messages once, and * Find the tag, only display missing file messages once, and
* then only if we didn't find the tag. * then only if we didn't find the tag.
*/ */
sprintf(command, "global -%s '%s'", ref ? "rx" : "x", tag); snprintf(command, sizeof(command), "global -%s '%s'", ref ? "rx" : "x", tag);
if (fp = popen(command, "r")) { if (fp = popen(command, "r")) {
while (fgets(buf, sizeof(buf), fp)) { while (fgets(buf, sizeof(buf), fp)) {
if (buf[strlen(buf)-1] == '\n') /* chop(buf) */ if (buf[strlen(buf)-1] == '\n') /* chop(buf) */
@ -1080,7 +1090,7 @@ gtag_slist(sp, tag, ref)
else else
while (fgetc(fp) != '\n') while (fgetc(fp) != '\n')
; ;
if (getentry(buf, name, file, line) == 0) { if (getentry(buf, &name, &file, &line) == 0) {
echk = 1; echk = 1;
F_SET(tfp, TAGF_ERR); F_SET(tfp, TAGF_ERR);
break; break;