From e1829a3d5260b5bdeef40c81f5f9508b78fd7135 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Mon, 27 Nov 2006 16:40:14 +0000 Subject: [PATCH] * openfile.c (ask_outfile_name): Fixed buffer overflow occurring if make_printable_string returns a longer string. Fixes bug 728. --- g10/ChangeLog | 5 +++++ g10/openfile.c | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/g10/ChangeLog b/g10/ChangeLog index 763f468e2..cc10fec03 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,8 @@ +2006-11-27 Werner Koch + + * openfile.c (ask_outfile_name): Fixed buffer overflow occurring + if make_printable_string returns a longer string. Fixes bug 728. + 2006-10-23 Werner Koch * gpg.c (main): New command --gpgconf-list. diff --git a/g10/openfile.c b/g10/openfile.c index 33e755d8f..c106cdbec 100644 --- a/g10/openfile.c +++ b/g10/openfile.c @@ -144,8 +144,8 @@ ask_outfile_name( const char *name, size_t namelen ) s = _("Enter new filename"); - n = strlen(s) + namelen + 10; defname = name && namelen? make_printable_string( name, namelen, 0): NULL; + n = strlen(s) + (defname?strlen (defname):0) + 10; prompt = xmalloc(n); if( defname ) sprintf(prompt, "%s [%s]: ", s, defname );