mirror of
https://github.com/rfivet/uemacs.git
synced 2024-12-18 23:36:23 -05:00
Remove buffer overflow by limiting argument size of encryption key and filenames.
This commit is contained in:
parent
e9142541a9
commit
7b398855e7
6
main.c
6
main.c
@ -234,7 +234,8 @@ int main(int argc, char **argv)
|
||||
case 'k': /* -k<key> for code key */
|
||||
case 'K':
|
||||
cryptflag = TRUE;
|
||||
strcpy(ekey, &argv[carg][2]);
|
||||
strncpy( ekey, &argv[ carg][ 2], sizeof ekey - 1) ; /* max encryption pattern limited to NPAT - 1 */
|
||||
ekey[ sizeof ekey - 1] = 0 ;
|
||||
break;
|
||||
#endif
|
||||
case 'r': /* -r restrictive use */
|
||||
@ -272,7 +273,8 @@ int main(int argc, char **argv)
|
||||
|
||||
/* set this to inactive */
|
||||
bp = bfind(bname, TRUE, 0);
|
||||
strcpy(bp->b_fname, argv[carg]);
|
||||
strncpy( bp->b_fname, argv[ carg], NFILEN - 1) ; /* max filename length limited to NFILEN - 1 (79) */
|
||||
bp->b_fname[ NFILEN - 1] = 0 ;
|
||||
bp->b_active = FALSE;
|
||||
if (firstfile) {
|
||||
firstbp = bp;
|
||||
|
Loading…
Reference in New Issue
Block a user