diff options
author | Eric Andersen | 2002-10-26 10:19:19 +0000 |
---|---|---|
committer | Eric Andersen | 2002-10-26 10:19:19 +0000 |
commit | fda2b7ff47c6cd35f2fdf673125a834d0ffe0593 (patch) | |
tree | 93ee33748607930bd4b52629e390bbed3410c64f | |
parent | 12f834ccfcb2a290f07092db19edeff8d9c7ab38 (diff) | |
download | busybox-fda2b7ff47c6cd35f2fdf673125a834d0ffe0593.zip busybox-fda2b7ff47c6cd35f2fdf673125a834d0ffe0593.tar.gz |
A patch from Jouni Malinen to avoid some buffer overflows in vi,
closing bug #1270
-rw-r--r-- | editors/vi.c | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/editors/vi.c b/editors/vi.c index ce6c3d8..1275d13 100644 --- a/editors/vi.c +++ b/editors/vi.c @@ -19,7 +19,7 @@ */ static const char vi_Version[] = - "$Id: vi.c,v 1.23 2002/08/21 13:02:24 aaronl Exp $"; + "$Id: vi.c,v 1.24 2002/10/26 10:19:19 andersen Exp $"; /* * To compile for standalone use: @@ -2566,8 +2566,14 @@ static Byte get_one_char() // adding STDIN chars to q c = readit(); // get the users input if (last_modifying_cmd != 0) { - // add new char to q - last_modifying_cmd[strlen((char *) last_modifying_cmd)] = c; + int len = strlen((char *) last_modifying_cmd); + if (len + 1 >= BUFSIZ) { + psbs("last_modifying_cmd overrun"); + } else { + // add new char to q + last_modifying_cmd[len] = c; + } + } } #else /* CONFIG_FEATURE_VI_DOT_CMD */ |