[hackers] [sbase] ed: Use strlcpy/strlcat to construct the scratch filename || sin

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

From: <git_AT_suckless.org>
Date: Sat, 2 Jan 2016 10:47:10 +0100 (CET)

commit 3300d5d47a054bd2615db0f99e1478808ec88032
Author: sin <sin_AT_2f30.org>
AuthorDate: Sat Jan 2 09:44:06 2016 +0000
Commit: sin <sin_AT_2f30.org>
CommitDate: Sat Jan 2 09:46:48 2016 +0000

    ed: Use strlcpy/strlcat to construct the scratch filename

diff --git a/ed.c b/ed.c
index 62f8477..ed55581 100644
--- a/ed.c
+++ b/ed.c
_AT_@ -335,12 +335,12 @@ setscratch()
         clearundo();
         if ((dir = getenv("TMPDIR")) == NULL)
                 dir = "/tmp/";
- if (strlen(dir) + sizeof("ed.XXXXXX") > FILENAME_MAX)
- error("incorrect scratch file name");
- strcat(strcpy(tmpname, dir), "ed.XXXXX");
- if ((scratch = mkstemp(tmpname)) < 0) {
+ if (strlcpy(tmpname, dir, sizeof(tmpname)) >= sizeof(tmpname))
+ error("scratch file name too long");
+ if (strlcat(tmpname, "ed.XXXXXX", sizeof(tmpname)) >= sizeof(tmpname))
+ error("scratch file name too long");
+ if ((scratch = mkstemp(tmpname)) < 0)
                 error("failed to create scratch file");
- }
         if ((k = makeline("", NULL)))
                 error("input/output error in scratch file");
         relink(k, k, k, k);
Received on Sat Jan 02 2016 - 10:47:10 CET

This archive was generated by hypermail 2.3.0 : Sat Jan 02 2016 - 10:48:21 CET