mirror of
https://git.FreeBSD.org/src.git
synced 2024-12-23 11:18:54 +00:00
c1c4677aec
in PATH_MAX + 1 bytes from the file. In r281500, strrchr() is used to strip possible path portion of the file name to mitigate a possible attack. Unfortunately, strrchr() expects a buffer that is NUL-terminated, and since we are processing potentially untrusted data, we can not assert that be always true. Solve this by reading in one less byte (now PATH_MAX) and explicitly terminate the buffer after the read size with NUL. Reported by: Coverity CID: 1264915 X-MFC-with: 281500 MFC after: 13 days |
||
---|---|---|
.. | ||
tests | ||
gzexe | ||
gzexe.1 | ||
gzip.1 | ||
gzip.c | ||
Makefile | ||
unbzip2.c | ||
unpack.c | ||
unxz.c | ||
zdiff | ||
zdiff.1 | ||
zforce | ||
zforce.1 | ||
zmore | ||
zmore.1 | ||
znew | ||
znew.1 | ||
zuncompress.c |