author | Dirk <doj@cubic.org> | 2016-02-11 18:48:13 +0000 |
---|---|---|
committer | Alan Coopersmith <alan.coopersmith@oracle.com> | 2018-03-24 00:48:01 -0700 |
commit | 0860822bb2a1bbc6e40758e2e6413181b26b6b04 (patch) | |
tree | 5add5dce985617ee39e0a6fa793dc529fef78a62 | |
parent | 72cc0b7713b28ffd03271526c81d1ad9d2183a82 (diff) | |
download | xorg-util-makedepend-0860822bb2a1bbc6e40758e2e6413181b26b6b04.tar.gz |
missing bounds check in makedepend for file arguments
When assigning source code files from the command line to the fp pointer,
no bounds check is done and if more than MAXFILES file names are specified
on the command line, memory will be overridden out of bounds.
https://bugs.freedesktop.org/show_bug.cgi?id=94099
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Tested-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
-rw-r--r-- | main.c | 3 |
1 files changed, 3 insertions, 0 deletions
@@ -232,6 +232,9 @@ main(int argc, char *argv[]) /* treat +thing as an option for C++ */ if (endmarker && **argv == '+') continue; + if (fp >= filelist + MAXFILES) { + fatalerr("Too many source files. Limit is %i files.\n", MAXFILES); + } *fp++ = argv[0]; continue; } |
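Review bot: the bound in `if (fp >= filelist + MAXFILES)` still lets the store `*fp++ = argv[0];` fill every one of the MAXFILES slots, so if `filelist` is declared with exactly MAXFILES entries and is later walked until a NULL entry (neither the declaration nor the consumer is visible in this hunk), the terminator is lost and the reader runs past the array. Please confirm how `filelist` is sized and consumed; if it is NULL-terminated, either compare against `filelist + MAXFILES - 1` or size the array as MAXFILES + 1. The guard also only protects the store if `fatalerr()` never returns, which is worth a short comment at the call site. Minor: `%i` assumes MAXFILES expands to an int, and the braces around the single `fatalerr` call differ from the brace-less `continue;` just above.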