diff options
author | Denys Vlasenko | 2016-09-30 11:35:54 +0200 |
---|---|---|
committer | Denys Vlasenko | 2016-09-30 11:35:54 +0200 |
commit | 50e6d42c1967cbd3b07441876af2a7ff2bbbf63f (patch) | |
tree | b55053eb25d07e976426945519d94dc93aa8b4f3 | |
parent | b6838b520afa8346751577cd7ccbe0b906cd3a52 (diff) | |
download | busybox-50e6d42c1967cbd3b07441876af2a7ff2bbbf63f.zip busybox-50e6d42c1967cbd3b07441876af2a7ff2bbbf63f.tar.gz |
ash: Avoid overflow for very long variable name
Upstream commit:
Date: Tue, 3 Jul 2012 17:32:33 +0800
Avoid overflow for very long variable name
Otherwise, this:
$ perl -le 'print "v"x(2**31+1) ."=1"' | dash
provokes integer overflow
Signed-off-by: Jim Meyering <meyering@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
-rw-r--r-- | shell/ash.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/shell/ash.c b/shell/ash.c index 59905aa..a1b211a 100644 --- a/shell/ash.c +++ b/shell/ash.c @@ -11274,7 +11274,7 @@ readtoken1(int c, int syntax, char *eofmark, int striptabs) /* NB: syntax parameter fits into smallint */ /* c parameter is an unsigned char or PEOF or PEOA */ char *out; - int len; + size_t len; char line[EOFMARKLEN + 1]; struct nodelist *bqlist; smallint quotef; |