1
0
mirror of https://github.com/profanity-im/profanity.git synced 2024-11-03 19:37:16 -05:00

fgets: buffer size

This commit is contained in:
Peter Vilim 2015-01-07 21:37:35 -06:00
parent b298994ce7
commit 0cb548683c
3 changed files with 11 additions and 6 deletions

View File

@ -50,9 +50,6 @@
#include "log.h"
#include "common.h"
// assume malloc stores at most 8 bytes for size of allocated memory
// and page size is at least 4KB
#define READ_BUF_SIZE 4088
struct curl_data_t
{

View File

@ -59,6 +59,11 @@
#define ARRAY_SIZE(x) (sizeof(x)/sizeof(x[0]))
// assume malloc stores at most 8 bytes for size of allocated memory
// and page size is at least 4KB
#define READ_BUF_SIZE 4088
#define FREE_SET_NULL(resource) \
do { \
free(resource); \

View File

@ -230,9 +230,12 @@ accounts_get_account(const char * const name)
// Evaluate as shell command to retrieve password
if (eval_password != NULL) {
FILE *stream = popen(eval_password, "r");
// Limit to 100 bytes to prevent overflows in the case of a poorly chosen command
password = g_malloc(100);
password = fgets(password, 100, stream);
// Limit to READ_BUF_SIZE bytes to prevent overflows in the case of a poorly chosen command
password = g_malloc(READ_BUF_SIZE);
gchar *result = fgets(password, READ_BUF_SIZE, stream);
if (result != NULL) {
password = result;
}
}
gboolean enabled = g_key_file_get_boolean(accounts, name, "enabled", NULL);