--- lha-114i/src/lha_macro.h.sec2 2000-10-04 16:57:38.000000000 +0200
+++ lha-114i/src/lha_macro.h 2004-09-16 10:12:36.064017603 +0200
@@ -53,7 +53,7 @@
#define SEEK_SET 0
#define SEEK_CUR 1
#define SEEK_END 2
-#endif /* SEEK_SET
+#endif /* SEEK_SET */
/* non-integral functions */
--- lha-114i/src/lharc.c.sec2 2004-09-16 10:12:36.012016224 +0200
+++ lha-114i/src/lharc.c 2004-09-16 10:16:44.074592636 +0200
@@ -830,9 +830,10 @@
DIRENTRY *dp;
struct stat tmp_stbuf, arc_stbuf, fil_stbuf;
- strcpy(newname, name);
+ strncpy(newname, name, sizeof(newname));
+ newname[sizeof(newname)-1] = 0;
len = strlen(name);
- if (len > 0 && newname[len - 1] != '/')
+ if (len > 0 && newname[len - 1] != '/' && len < (sizeof(newname)-1))
newname[len++] = '/';
dirp = opendir(name);
@@ -846,6 +847,11 @@
for (dp = readdir(dirp); dp != NULL; dp = readdir(dirp)) {
n = NAMLEN(dp);
+ if (len >= (sizeof(newname)-1) ||
+ (len+n) >= (sizeof(newname)-1) ||
+ n <= 0 ||
+ (len+n) <= 0)
+ break;
strncpy(newname + len, dp->d_name, n);
newname[len + n] = '\0';
if (GETSTAT(newname, &fil_stbuf) < 0)
@@ -903,7 +909,8 @@
strcpy(temporary_name, TMP_FILENAME_TEMPLATE);
}
else {
- sprintf(temporary_name, "%s/lhXXXXXX", extract_directory);
+ snprintf(temporary_name, sizeof(temporary_name),
+ "%s/lhXXXXXX", extract_directory);
}
#ifdef MKSTEMP
mkstemp(temporary_name);
@@ -913,10 +920,16 @@
#else
char *p, *s;
- strcpy(temporary_name, archive_name);
+ strncpy(temporary_name, archive_name, sizeof(temporary_name));
+ temporary_name[sizeof(temporary_name)-1] = 0;
for (p = temporary_name, s = (char *) 0; *p; p++)
if (*p == '/')
s = p;
+
+ if( sizeof(temporary_name) - ((size_t) (s-temporary_name)) - 1
+ <= strlen("lhXXXXXX"))
+ exit(-1);
+
strcpy((s ? s + 1 : temporary_name), "lhXXXXXX");
#ifdef MKSTEMP
mkstemp(temporary_name);
@@ -1053,12 +1066,14 @@
if (open_old_archive_1(archive_name, &fp))
return fp;
- sprintf(expanded_archive_name, "%s%s", archive_name, ARCHIVENAME_EXTENTION);
+ snprintf(expanded_archive_name, sizeof(expanded_archive_name),
+ "%s%s", archive_name, ARCHIVENAME_EXTENTION);
if (open_old_archive_1(expanded_archive_name, &fp)) {
archive_name = expanded_archive_name;
return fp;
}
- sprintf(expanded_archive_name, "%s.lzh", archive_name);
+ snprintf(expanded_archive_name, sizeof(expanded_archive_name),
+ "%s.lzh", archive_name);
if (open_old_archive_1(expanded_archive_name, &fp)) {
archive_name = expanded_archive_name;
return fp;
@@ -1067,7 +1082,8 @@
* if ( (errno&0xffff)!=E_PNNF ) { archive_name =
* expanded_archive_name; return NULL; }
*/
- sprintf(expanded_archive_name, "%s.lzs", archive_name);
+ snprintf(expanded_archive_name, sizeof(expanded_archive_name),
+ "%s.lzs", archive_name);
if (open_old_archive_1(expanded_archive_name, &fp)) {
archive_name = expanded_archive_name;
return fp;
--- lha-114i/src/lhext.c.sec2 2004-09-16 10:12:36.041016993 +0200
+++ lha-114i/src/lhext.c 2004-09-16 10:12:36.067017682 +0200
@@ -82,7 +82,8 @@
register char *p;
/* make parent directory name into PATH for recursive call */
- strcpy(path, name);
+ memset(path, 0, sizeof(path));
+ strncpy(path, name, sizeof(path)-1);
for (p = path + strlen(path); p > path; p--)
if (p[-1] == '/') {
*--p = '\0';
@@ -212,9 +213,11 @@
}
if (extract_directory)
- sprintf(name, "%s/%s", extract_directory, q);
- else
- strcpy(name, q);
+ snprintf(name, sizeof(name), "%s/%s", extract_directory, q);
+ else {
+ strncpy(name, q, sizeof(name));
+ name[sizeof(name) - 1] = '\0';
+ }
/* LZHDIRS_METHOD¤ò»ý¤Ä¥Ø¥Ã¥À¤ò¥Á¥§¥Ã¥¯¤¹¤ë */
@@ -335,7 +338,8 @@
if ((hdr->unix_mode & UNIX_FILE_TYPEMASK) == UNIX_FILE_SYMLINK) {
char buf[256], *bb1, *bb2;
int l_code;
- strcpy(buf, name);
+ strncpy(buf, name, sizeof(buf));
+ buf[sizeof(buf)-1] = 0;
bb1 = strtok(buf, "|");
bb2 = strtok(NULL, "|");
@@ -365,9 +369,10 @@
if (quiet != TRUE) {
printf("Symbolic Link %s -> %s\n", bb1, bb2);
}
- strcpy(name, bb1); /* Symbolic's name set */
+ strncpy(name, bb1, 255); /* Symbolic's name set */
+ name[255] = 0;
#else
- sprintf(buf, "%s -> %s", bb1, bb2);
+ sprintf(buf, sizeof(buf), "%s -> %s", bb1, bb2);
warning("Can't make Symbolic Link", buf);
return;
#endif
--- lha-114i/src/lhlist.c.sec2 2000-10-04 16:57:38.000000000 +0200
+++ lha-114i/src/lhlist.c 2004-09-16 10:12:36.067017682 +0200
@@ -250,7 +250,8 @@
printf(" %s", hdr->name);
else {
char buf[256], *b1, *b2;
- strcpy(buf, hdr->name);
+ strncpy(buf, hdr->name, sizeof(buf));
+ buf[sizeof(buf)-1] = 0;
b1 = strtok(buf, "|");
b2 = strtok(NULL, "|");
printf(" %s -> %s", b1, b2);
--- lha-114i/src/util.c.sec2 2000-10-04 16:57:38.000000000 +0200
+++ lha-114i/src/util.c 2004-09-16 10:12:36.068017709 +0200
@@ -276,21 +276,27 @@
char *path;
{
int stat, rtn = 0;
- char *cmdname;
- if ((cmdname = (char *) malloc(strlen(RMDIRPATH) + 1 + strlen(path) + 1))
- == 0)
+ pid_t child;
+
+
+ /* XXX thomas: shell meta chars in path could exec commands */
+ /* therefore we should avoid using system() */
+ if ((child = fork()) < 0)
+ return (-1); /* fork error */
+ else if (child) { /* parent process */
+ while (child != wait(&stat)) /* ignore signals */
+ continue;
+ }
+ else { /* child process */
+ execl(RMDIRPATH, "rmdir", path, (char *) 0);
+ /* never come here except execl is error */
return (-1);
- strcpy(cmdname, RMDIRPATH);
- *(cmdname + strlen(RMDIRPATH)) = ' ';
- strcpy(cmdname + strlen(RMDIRPATH) + 1, path);
- if ((stat = system(cmdname)) < 0)
- rtn = -1; /* fork or exec error */
- else if (stat) { /* RMDIR command error */
- errno = EIO;
- rtn = -1;
}
- free(cmdname);
- return (rtn);
+ if (stat != 0) {
+ errno = EIO; /* cannot get error num. */
+ return (-1);
+ }
+ return (0);
}
/* ------------------------------------------------------------------------ */
distrib
>
Mageia
>
1
>
i586
>
media
>
core-release-src
>
by-pkgid
>
cda9ed984e780efd2599fd41ecb29cd1
>
files
>
7
