aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorXin LI <delphij@FreeBSD.org>2019-09-04 04:44:03 +0000
committerXin LI <delphij@FreeBSD.org>2019-09-04 04:44:03 +0000
commit07282103f558b761db70209c5efc2fd1fb705384 (patch)
treeeabc6b0184714b7e6565727d57321f908118e0e2
parentecc5b1d156339cde3e2a0b5a5a32d26b7d375432 (diff)
downloadsrc-07282103f558b761db70209c5efc2fd1fb705384.tar.gz
src-07282103f558b761db70209c5efc2fd1fb705384.zip
Correct overflow logic in fullpath().
Obtained from: OpenBSD MFC after: 3 days
Notes
Notes: svn path=/head/; revision=351802
Diffstat
-rw-r--r--sbin/fsck_msdosfs/dir.c22
1 files changed, 13 insertions, 9 deletions
diff --git a/sbin/fsck_msdosfs/dir.c b/sbin/fsck_msdosfs/dir.c
index 191ff49ccd81..2163db049fac 100644
--- a/sbin/fsck_msdosfs/dir.c
+++ b/sbin/fsck_msdosfs/dir.c
@@ -169,20 +169,24 @@ fullpath(struct dosDirEntry *dir)
char *cp, *np;
int nl;
- cp = namebuf + sizeof namebuf - 1;
- *cp = '\0';
- do {
+ cp = namebuf + sizeof namebuf;
+ *--cp = '\0';
+
+ for(;;) {
np = dir->lname[0] ? dir->lname : dir->name;
nl = strlen(np);
- if ((cp -= nl) <= namebuf + 1)
+ if (cp <= namebuf + 1 + nl) {
+ *--cp = '?';
break;
+ }
+ cp -= nl;
memcpy(cp, np, nl);
+ dir = dir->parent;
+ if (!dir)
+ break;
*--cp = '/';
- } while ((dir = dir->parent) != NULL);
- if (dir)
- *--cp = '?';
- else
- cp++;
+ }
+
return cp;
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-10-09 14:25:10 +0000