libburnia/libisoburn
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Checking argument length of test/compare_file. Coverity CID 28785, 28786, 28788.

Browse Source
This commit is contained in:
Thomas Schmitt 2015-11-05 19:52:43 +00:00
parent fc0ba19289
commit 9200638a62
1 changed files with 13 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
test/compare_file.c
View File

@ -5,7 +5,7 @@
To compare tree /media/dvd and /original/dir :
find /media/dvd -exec compare_file '{}' /media/dvd /original/dir ';'
Copyright 2008 - 2014 Thomas Schmitt, <scdbackup@gmx.net>
Copyright 2008 - 2015 Thomas Schmitt, <scdbackup@gmx.net>
Provided under GPL version 2 or later.
@ -282,6 +282,18 @@ int main(int argc, char **argv)
argv[0], argv[1], argv[2]);
exit(2);
}
if(strlen(argv[1]) >= 4096) {
fprintf(stderr, "path exceeds size limit of 4095\n");
exit(3);
}
if(strlen(argv[1]) - strlen(argv[2]) > 4000) {
fprintf(stderr, "common address part exceeds size limit of 4000\n");
exit(3);
}
if(strlen(argv[3]) + 1 + strlen(argv[1]) - strlen(argv[2]) >= 4096) {
fprintf(stderr, "prefix2 exceeds size limit of 4095\n");
exit(3);
}
strcpy(adr1, argv[1]);
strcpy(adrc, argv[1]+strlen(argv[2]));
sprintf(adr2, "%s%s%s",