summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorEric Andersen2002-10-26 10:19:19 +0000
committerEric Andersen2002-10-26 10:19:19 +0000
commitfda2b7ff47c6cd35f2fdf673125a834d0ffe0593 (patch)
tree93ee33748607930bd4b52629e390bbed3410c64f
parent12f834ccfcb2a290f07092db19edeff8d9c7ab38 (diff)
downloadbusybox-fda2b7ff47c6cd35f2fdf673125a834d0ffe0593.zip
busybox-fda2b7ff47c6cd35f2fdf673125a834d0ffe0593.tar.gz
A patch from Jouni Malinen to avoid some buffer overflows in vi,
closing bug #1270
-rw-r--r--editors/vi.c12
1 files changed, 9 insertions, 3 deletions
diff --git a/editors/vi.c b/editors/vi.c
index ce6c3d8..1275d13 100644
--- a/editors/vi.c
+++ b/editors/vi.c
@@ -19,7 +19,7 @@
*/
static const char vi_Version[] =
- "$Id: vi.c,v 1.23 2002/08/21 13:02:24 aaronl Exp $";
+ "$Id: vi.c,v 1.24 2002/10/26 10:19:19 andersen Exp $";
/*
* To compile for standalone use:
@@ -2566,8 +2566,14 @@ static Byte get_one_char()
// adding STDIN chars to q
c = readit(); // get the users input
if (last_modifying_cmd != 0) {
- // add new char to q
- last_modifying_cmd[strlen((char *) last_modifying_cmd)] = c;
+ int len = strlen((char *) last_modifying_cmd);
+ if (len + 1 >= BUFSIZ) {
+ psbs("last_modifying_cmd overrun");
+ } else {
+ // add new char to q
+ last_modifying_cmd[len] = c;
+ }
+
}
}
#else /* CONFIG_FEATURE_VI_DOT_CMD */