authorH. Peter Anvin <hpa@zytor.com>2007-11-18 11:55:10 -0800
committerH. Peter Anvin <hpa@zytor.com>2007-11-18 11:55:10 -0800
commitdc24271fae375f62049aeb487761309654d44510 (patch)
tree7eeeaea229039a979d0870f56761c32356fda71b /nasm.c
parent24588d35e75575cd59e663d26ab5cfae1b06e682 (diff)
downloadnasm-dc24271fae375f62049aeb487761309654d44510.tar.gz
BR 1091926: Bounds checking for command line parsing
Avoid failure if the command line has doctored arguments.
Diffstat (limited to 'nasm.c')
-rw-r--r--nasm.c26
1 files changed, 20 insertions, 6 deletions
diff --git a/nasm.c b/nasm.c
index b8de1984..7cf926a5 100644
--- a/nasm.c
+++ b/nasm.c
@@ -354,6 +354,20 @@ static char *get_param(char *p, char *q, bool *advance)
return NULL;
}
+/*
+ * Copy a filename
+ */
+static void copy_filename(char *dst, const char *src)
+{
+ size_t len = strlen(src);
+
+ if (len >= (size_t)FILENAME_MAX) {
+ report_error(ERR_FATAL | ERR_NOFILE, "file name too long");
+ return;
+ }
+ strncpy(dst, src, FILENAME_MAX);
+}
+
struct textargs {
const char *label;
int value;
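Review bot: copy_filename() checks the length of src against FILENAME_MAX but takes no size for dst, so it is only safe if every destination is an array of at least FILENAME_MAX bytes. The declarations of outname, listname and inname are outside this diff, so that should be confirmed and stated in the header comment, for example `/* Copy a filename into dst, which must hold at least FILENAME_MAX bytes; fatal error if src does not fit. */`. Because len is already known to fit, `memcpy(dst, src, len + 1);` would copy the terminator explicitly instead of relying on strncpy's padding to supply it. The `return` after report_error() leaves dst unchanged, which is only harmless if the caller's buffer already holds a valid string; whether ERR_FATAL can return is not visible here.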
@@ -391,7 +405,7 @@ static bool process_arg(char *p, char *q)
break;
case 'o': /* output file */
- strcpy(outname, param);
+ copy_filename(outname, param);
break;
case 'f': /* output format */
@@ -474,7 +488,7 @@ static bool process_arg(char *p, char *q)
break;
case 'l': /* listing file */
- strcpy(listname, param);
+ copy_filename(listname, param);
break;
case 'Z': /* error messages file */
@@ -683,8 +697,9 @@ static bool process_arg(char *p, char *q)
if (*inname) {
report_error(ERR_NONFATAL | ERR_NOFILE | ERR_USAGE,
"more than one input file specified");
- } else
- strcpy(inname, p);
+ } else {
+ copy_filename(inname, p);
+ }
}
return advance;
@@ -703,7 +718,6 @@ static void process_respfile(FILE * rfile)
prevarg[0] = '\0';
while (1) { /* Loop to handle all lines in file */
-
p = buffer;
while (1) { /* Loop to handle long lines */
q = fgets(p, bufsize - (p - buffer), rfile);
@@ -749,7 +763,7 @@ static void process_respfile(FILE * rfile)
prevargsize += ARG_BUF_DELTA;
prevarg = nasm_realloc(prevarg, prevargsize);
}
- strcpy(prevarg, p);
+ strncpy(prevarg, p, prevargsize);
}
}
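Review bot: `strncpy(prevarg, p, prevargsize)` on the last changed line writes no terminator when `strlen(p) >= prevargsize`, so the copy is bounded but prevarg can be left unterminated for whatever reads it next. The visible lines grow the buffer by ARG_BUF_DELTA once; the condition guarding that growth is outside the hunk, so if it is a single `if` rather than a loop, a response-file argument longer than the grown size reaches exactly this case and is also silently truncated. Sizing the buffer from the argument length before copying would avoid both problems; at minimum add `prevarg[prevargsize - 1] = '\0';` after the strncpy. The enclosing block of process_respfile starts outside the hunk.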