diff options
author | H. Peter Anvin <hpa@zytor.com> | 2007-11-18 11:55:10 -0800 |
---|---|---|
committer | H. Peter Anvin <hpa@zytor.com> | 2007-11-18 11:55:10 -0800 |
commit | dc24271fae375f62049aeb487761309654d44510 (patch) | |
tree | 7eeeaea229039a979d0870f56761c32356fda71b /nasm.c | |
parent | 24588d35e75575cd59e663d26ab5cfae1b06e682 (diff) | |
download | nasm-dc24271fae375f62049aeb487761309654d44510.tar.gz |
BR 1091926: Bounds checking for command line parsing
Avoid failure if the command line has doctored arguments.
Diffstat (limited to 'nasm.c')
-rw-r--r-- | nasm.c | 26 |
1 files changed, 20 insertions, 6 deletions
@@ -354,6 +354,20 @@ static char *get_param(char *p, char *q, bool *advance) return NULL; } +/* + * Copy a filename + */ +static void copy_filename(char *dst, const char *src) +{ + size_t len = strlen(src); + + if (len >= (size_t)FILENAME_MAX) { + report_error(ERR_FATAL | ERR_NOFILE, "file name too long"); + return; + } + strncpy(dst, src, FILENAME_MAX); +} + struct textargs { const char *label; int value; @@ -391,7 +405,7 @@ static bool process_arg(char *p, char *q) break; case 'o': /* output file */ - strcpy(outname, param); + copy_filename(outname, param); break; case 'f': /* output format */ @@ -474,7 +488,7 @@ static bool process_arg(char *p, char *q) break; case 'l': /* listing file */ - strcpy(listname, param); + copy_filename(listname, param); break; case 'Z': /* error messages file */ @@ -683,8 +697,9 @@ static bool process_arg(char *p, char *q) if (*inname) { report_error(ERR_NONFATAL | ERR_NOFILE | ERR_USAGE, "more than one input file specified"); - } else - strcpy(inname, p); + } else { + copy_filename(inname, p); + } } return advance; @@ -703,7 +718,6 @@ static void process_respfile(FILE * rfile) prevarg[0] = '\0'; while (1) { /* Loop to handle all lines in file */ - p = buffer; while (1) { /* Loop to handle long lines */ q = fgets(p, bufsize - (p - buffer), rfile); @@ -749,7 +763,7 @@ static void process_respfile(FILE * rfile) prevargsize += ARG_BUF_DELTA; prevarg = nasm_realloc(prevarg, prevargsize); } - strcpy(prevarg, p); + strncpy(prevarg, p, prevargsize); } } |