diff options
author | Herbert Xu <herbert@gondor.apana.org.au> | 2018-03-25 16:38:00 +0800 |
---|---|---|
committer | Herbert Xu <herbert@gondor.apana.org.au> | 2018-04-02 23:30:44 +0800 |
commit | 0f3806dd899ace97d5909f195882697ef9dd1eaa (patch) | |
tree | 2d61861bf874ce560afb4a1017c7c099209140dd /src/machdep.h | |
parent | builtin: Move echo space/nl handling into print_escape_str (diff) | |
download | dash-0f3806dd899ace97d5909f195882697ef9dd1eaa.tar.gz dash-0f3806dd899ace97d5909f195882697ef9dd1eaa.zip |
expand: Fix buffer overflow in expandmeta
The native version of expandmeta allocates a buffer that may be overrun for two reasons. First of all the size is 1 byte too small but this is normally hidden because the minimum size is rounded up to 2048 bytes. Secondly, if the directory level is deep enough, any buffer can be overrun. This patch fixes both problems by calling realloc when necessary. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to '')
0 files changed, 0 insertions, 0 deletions