--- Mowitz/MwFilesel.c.ori 2007-08-28 11:48:07.000000000 +0200 +++ Mowitz/MwFilesel.c 2007-08-28 11:48:34.000000000 +0200 @@ -169,29 +169,38 @@ static void fsel_scan(void) { String string; - char dir[1024]; + char dir[PATH_MAX]; char pattern[1024]; char *pst; if (files != NULL) freedirent(dirs, ndirs, files, nfiles); + if (strnlen(MwLabelGet(fsel_dirbutton), PATH_MAX)>=PATH_MAX) { + fprintf(stderr, "Path too long %s\n", MwLabelGet(fsel_dirbutton)); + return; + } strcpy(dir, MwLabelGet(fsel_dirbutton)); string = MwLabelGet(fsel_formatbutton); pst = strchr(string, '('); if (pst == NULL) { /* apparently no pattern here; use foolproof default */ strcpy(pattern, "*"); } else { + if (strnlen(pst+1, 1024) >= 1024) { + fprintf(stderr, "Pattern too long %s\n", pattern); + return; + } strcpy(pattern, pst+1); if ((pst = strchr(pattern, ')'))) *pst = '\0'; } if (getdirent(&dirs, &ndirs, &files, &nfiles, dir, pattern)) { fprintf(stderr, "Grmbl. getdirent() failed\n"); + } else { + make_files(files, nfiles); + make_dirs(dirs, ndirs); } - make_files(files, nfiles); - make_dirs(dirs, ndirs); make_dirmenu(dir); }