diff options
| author | Richard Levitte <levitte@openssl.org> | 2002-05-29 08:31:39 +0000 |
|---|---|---|
| committer | Richard Levitte <levitte@openssl.org> | 2002-05-29 08:31:39 +0000 |
| commit | 6298bf907359071c6387fe06b67b6939c53c7a0b (patch) | |
| tree | 220595f5884328fcd30945874c2504ef8bf8e2e9 /apps | |
| parent | 9a26adf59809611a86ef8ed266a49e817c6169e5 (diff) | |
There is a chance that the input string is larger than size, and on VMS,
this wasn't checked and could possibly be exploitable (slim chance, but still)
Diffstat (limited to 'apps')
| -rw-r--r-- | apps/apps.c | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/apps/apps.c b/apps/apps.c index e797796e30..aca750b1f0 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -310,9 +310,16 @@ void program_name(char *in, char *out, int size) q=strrchr(p,'.'); if (q == NULL) - q = in+size; - strncpy(out,p,q-p); - out[q-p]='\0'; + q = p + strlen(p); + strncpy(out,p,size-1); + if (q-p >= size) + { + out[size-1]='\0'; + } + else + { + out[q-p]='\0'; + } } #else void program_name(char *in, char *out, int size) |