Fixed potential buffer overflow in XDG files

author: Rudy Dellomas III <rdellomasiii@outlook.com> 2021-03-08 01:38:40 +1000
committer: Rudy Dellomas III <rdellomasiii@outlook.com> 2021-03-08 01:38:40 +1000
commit: 55c8abdd8b5c5bd893a2df310cded1810f39585d (patch)
tree: 6fd1875e75c7f8c1a5dc3e1ed5d98c3d213d5239 /src/history.c
parent: 5743598d5d2d4e7c2c9728473c1870b393bb0347 (diff)
1 files changed, 5 insertions, 5 deletions
diff --git a/src/history.c b/src/history.c
index 75281ed..5f89c35 100644
--- a/src/history.c
+++ b/src/history.c
@@ -198,16 +198,16 @@ int save_history(struct history * h, char * mode) {
     FILE * f;
     int i;
     struct hlist * nl = h->list;
-    char history_dir[PATHLEN];
+    char history_dir[PATHLEN-(sizeof HISTORY_FILE)];
 
     if ((home = getenv("XDG_CACHE_HOME"))) {
-        sprintf(history_dir, "%s", home);
+        snprintf(history_dir, PATHLEN-(sizeof HISTORY_FILE), "%s", home);
         mkdir(history_dir,0777);
-        sprintf(infofile, "%s/%s", history_dir, HISTORY_FILE);
+        snprintf(infofile, PATHLEN, "%s/%s", history_dir, HISTORY_FILE);
     } else if ((home = getenv("HOME"))) {
-        sprintf(history_dir, "%s/%s", home, HISTORY_DIR);
+        snprintf(history_dir, PATHLEN-(sizeof HISTORY_FILE), "%s/%s", home, HISTORY_DIR);
         mkdir(history_dir,0777);
-        sprintf(infofile, "%s/%s", history_dir, HISTORY_FILE);
+        snprintf(infofile, PATHLEN, "%s/%s", history_dir, HISTORY_FILE);
     } else {
         /* If both HOME and XDG_CACHE_HOME aren't set, abandon all hope */
         return 0;
author	Rudy Dellomas III <rdellomasiii@outlook.com>	2021-03-08 01:38:40 +1000
committer	Rudy Dellomas III <rdellomasiii@outlook.com>	2021-03-08 01:38:40 +1000
commit	55c8abdd8b5c5bd893a2df310cded1810f39585d (patch)
tree	6fd1875e75c7f8c1a5dc3e1ed5d98c3d213d5239 /src/history.c
parent	5743598d5d2d4e7c2c9728473c1870b393bb0347 (diff)