Overview

File zoo-security_pathsize.patch of Package zoo

--- misc.c
+++ misc.c
@@ -135,11 +135,17 @@
 char *fullpath (direntry)
 struct direntry *direntry;
 {
-	static char result[PATHSIZE];
+	static char result[PATHSIZE+LFNAMESIZE+12]; /* Room for enough space.*/
 	combine (result,
 				direntry->dirlen != 0 ? direntry->dirname : "", 
 				(direntry->namlen != 0) ? direntry->lfname : direntry->fname
 			  );
+
+       if (strlen (result) >= PATHSIZE) {
+               prterror ('f', "Combined dirname and filename too long!\n");
+               *result = '\0';
+       }
+
 	return (result);
 }
openSUSE Build Service is sponsored by
Places