jimzah/openafs
1
0
Fork 0
mirror of https://git.openafs.org/openafs.git synced 2025-01-18 06:50:12 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

compile_et: Don't overflow input file buffer

Browse Source 
Don't overlow the buffer that's used for the input filename by
copying in to much with sprintf. Use asprintf to dynamically
allocate a buffer instead.

Link roken for rk_asprintf where needed.

Build compile_et with libtool, to ensure that it is linked statically,
as is needed for build tools such as compile_et.  (This requires
a preceding change to set a buildtool_roken make variable.)

Caught by coverity (#985907)

Change-Id: I207dd2c49bcae3f04fa41c826b08a0a615d5f422
Reviewed-on: http://gerrit.openafs.org/9545
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
This commit is contained in:
Simon Wilkinson 2013-03-04 16:15:37 +00:00 committed by Benjamin Kaduk
parent 87ce2a6f05
commit 5fd9aed2ba
2 changed files with 9 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/comerr/Makefile.in
View File

@ -38,9 +38,9 @@ et_lex.lex.c: et_lex.lex.l
compile_et: compile_et.o error_table.o
$(Q)case $(SYS_NAME) in \
*_linux* | *_umlinux* | *_darwin* ) \
$(AFS_LDRULE_NOQ) compile_et.o error_table.o -L${TOP_LIBDIR} -lopr;; \
$(LT_LDRULE_static_NOQ) compile_et.o error_table.o -L${TOP_LIBDIR} -lopr $(buildtool_roken) $(MT_LIBS);; \
* ) \
$(AFS_LDRULE_NOQ) compile_et.o error_table.o -L${TOP_LIBDIR} -lopr -ll;; \
$(LT_LDRULE_static_NOQ) compile_et.o error_table.o -L${TOP_LIBDIR} -lopr -ll $(buildtool_roken) $(MT_LIBS);; \
esac
libafscom_err.a: $(LT_objs)

9
src/comerr/compile_et.c
View File

@ -117,7 +117,6 @@ static const char msf_warning[] =
char c_file[MAXPATHLEN]; /* output file */
char h_file[MAXPATHLEN]; /* output */
char msf_file[MAXPATHLEN];
char et_file[MAXPATHLEN]; /* full path to input file */
static void
usage(void)
@ -142,6 +141,7 @@ int
main(int argc, char **argv)
{
char *p, *ename;
char *et_file;
char const *const *cpp;
int got_language = 0;
char *got_include = 0;
@ -314,7 +314,10 @@ main(int argc, char **argv)
filename = p;
}
sprintf(et_file, "%s/%s", got_prefix, filename);
if (asprintf(&et_file, "%s/%s", got_prefix, filename) < 0) {
fprintf(stderr, "Couldn't allocate memory for filename\n");
exit(1);
}
yyin = fopen(et_file, "r");
if (!yyin) {
@ -322,6 +325,8 @@ main(int argc, char **argv)
exit(1);
}
free(et_file);
/* on NT, yyout is not initialized to stdout */
if (!yyout) {
yyout = stdout;