Skip to content

Commit d0278ec

Browse files
author
Andrew MacIntyre
committed
OS/2 specific fixes related to SF bug # 1003471
1 parent 222d5b4 commit d0278ec

2 files changed

Lines changed: 23 additions & 1 deletion

File tree

PC/os2emx/getpathp.c

Lines changed: 12 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -132,7 +132,16 @@ ismodule(char *filename)
132132
return 0;
133133
}
134134

135-
/* guarantees buffer will never overflow MAXPATHLEN+1 bytes */
135+
/* Add a path component, by appending stuff to buffer.
136+
buffer must have at least MAXPATHLEN + 1 bytes allocated, and contain a
137+
NUL-terminated string with no more than MAXPATHLEN characters (not counting
138+
the trailing NUL). It's a fatal error if it contains a string longer than
139+
that (callers must be careful!). If these requirements are met, it's
140+
guaranteed that buffer will still be a NUL-terminated string with no more
141+
than MAXPATHLEN characters at exit. If stuff is too long, only as much of
142+
stuff as fits will be appended.
143+
*/
144+
136145
static void
137146
join(char *buffer, char *stuff)
138147
{
@@ -144,6 +153,8 @@ join(char *buffer, char *stuff)
144153
if (n > 0 && !is_sep(buffer[n-1]) && n < MAXPATHLEN)
145154
buffer[n++] = SEP;
146155
}
156+
if (n > MAXPATHLEN)
157+
Py_FatalError("buffer overflow in getpathp.c's joinpath()");
147158
k = strlen(stuff);
148159
if (n + k > MAXPATHLEN)
149160
k = MAXPATHLEN - n;

PC/os2vacpp/getpathp.c

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -83,6 +83,15 @@ exists(char *filename)
8383
}
8484

8585

86+
/* Add a path component, by appending stuff to buffer.
87+
buffer must have at least MAXPATHLEN + 1 bytes allocated, and contain a
88+
NUL-terminated string with no more than MAXPATHLEN characters (not counting
89+
the trailing NUL). It's a fatal error if it contains a string longer than
90+
that (callers must be careful!). If these requirements are met, it's
91+
guaranteed that buffer will still be a NUL-terminated string with no more
92+
than MAXPATHLEN characters at exit. If stuff is too long, only as much of
93+
stuff as fits will be appended.
94+
*/
8695
static void
8796
join(char *buffer, char *stuff)
8897
{
@@ -94,6 +103,8 @@ join(char *buffer, char *stuff)
94103
if (n > 0 && !is_sep(buffer[n-1]) && n < MAXPATHLEN)
95104
buffer[n++] = SEP;
96105
}
106+
if (n > MAXPATHLEN)
107+
Py_FatalError("buffer overflow in getpathp.c's joinpath()");
97108
k = strlen(stuff);
98109
if (n + k > MAXPATHLEN)
99110
k = MAXPATHLEN - n;

0 commit comments

Comments
 (0)