Closed a gap for line buffer overflow with man page production. Coverity CID 28784.

master
Thomas Schmitt 7 years ago
parent 410320c002
commit fc0ba19289
  1. 5
      xorriso/make_xorriso_1.c

@ -378,6 +378,7 @@ int Mx1_convert(struct Mx1 *m, char line_in[256], char line_out[256], int flag)
strcpy(buf, "\\fB");
if(word[0] == '-') {
if(l >= 255) {
length_overflow:;
Mx1_report_error(m, "Line length overflow while converting @item", 0);
return(-1);
}
@ -390,8 +391,10 @@ int Mx1_convert(struct Mx1 *m, char line_in[256], char line_out[256], int flag)
ret= Mx1_substitute(m, buf, line_out, raw, strlen(buf), 0);
if(ret <= 0)
return(-1);
strcpy(buf, line_out);
if(strlen(line_out) + 3 + strlen(remainder) > 255)
goto length_overflow;
strcpy(buf, line_out);
strcat(buf, "\\fR");
raw= strlen(buf);
strcat(buf, remainder);

Loading…
Cancel
Save