Checking argument length of test/compare_file. Coverity CID 28785, 28786, 28788.

master
Thomas Schmitt 7 years ago
parent fc0ba19289
commit 9200638a62
  1. 14
      test/compare_file.c

@ -5,7 +5,7 @@
To compare tree /media/dvd and /original/dir :
find /media/dvd -exec compare_file '{}' /media/dvd /original/dir ';'
Copyright 2008 - 2014 Thomas Schmitt, <scdbackup@gmx.net>
Copyright 2008 - 2015 Thomas Schmitt, <scdbackup@gmx.net>
Provided under GPL version 2 or later.
@ -282,6 +282,18 @@ int main(int argc, char **argv)
argv[0], argv[1], argv[2]);
exit(2);
}
if(strlen(argv[1]) >= 4096) {
fprintf(stderr, "path exceeds size limit of 4095\n");
exit(3);
}
if(strlen(argv[1]) - strlen(argv[2]) > 4000) {
fprintf(stderr, "common address part exceeds size limit of 4000\n");
exit(3);
}
if(strlen(argv[3]) + 1 + strlen(argv[1]) - strlen(argv[2]) >= 4096) {
fprintf(stderr, "prefix2 exceeds size limit of 4095\n");
exit(3);
}
strcpy(adr1, argv[1]);
strcpy(adrc, argv[1]+strlen(argv[2]));
sprintf(adr2, "%s%s%s",

Loading…
Cancel
Save