1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

* openfile.c (ask_outfile_name): Fixed buffer overflow occurring

if make_printable_string returns a longer string.  Fixes bug 728.
This commit is contained in:
Werner Koch 2006-11-27 16:41:32 +00:00
parent 80007b9411
commit fecadab9c3
2 changed files with 40 additions and 33 deletions

View File

@ -1,3 +1,8 @@
2006-11-27 Werner Koch <wk@g10code.com>
* openfile.c (ask_outfile_name): Fixed buffer overflow occurring
if make_printable_string returns a longer string. Fixes bug 728.
2006-11-21 Werner Koch <wk@g10code.com> 2006-11-21 Werner Koch <wk@g10code.com>
* Makefile.am (needed_libs): libgnu needs to come after libcommon. * Makefile.am (needed_libs): libgnu needs to come after libcommon.

View File

@ -95,7 +95,7 @@ overwrite_filep( const char *fname )
/**************** /****************
* Strip know extensions from iname and return a newly allocated * Strip known extensions from iname and return a newly allocated
* filename. Return NULL if we can't do that. * filename. Return NULL if we can't do that.
*/ */
char * char *
@ -126,10 +126,10 @@ make_outfile_name( const char *iname )
} }
/**************** /* Ask for an output filename; use the given one as default. Return
* Ask for a outputfilename and use the given one as default. NULL if no file has been given or if it is not possible to ask the
* Return NULL if no file has been given or it is not possible to user. NAME is the template len which might conatin enbedded Nuls.
* ask the user. NAMELEN is its actual length.
*/ */
char * char *
ask_outfile_name( const char *name, size_t namelen ) ask_outfile_name( const char *name, size_t namelen )
@ -143,23 +143,25 @@ ask_outfile_name( const char *name, size_t namelen )
if ( opt.batch ) if ( opt.batch )
return NULL; return NULL;
s = _("Enter new filename");
n = strlen(s) + namelen + 10;
defname = name && namelen? make_printable_string (name, namelen, 0) : NULL; defname = name && namelen? make_printable_string (name, namelen, 0) : NULL;
s = _("Enter new filename");
n = strlen(s) + (defname?strlen (defname):0) + 10;
prompt = xmalloc (n); prompt = xmalloc (n);
if (defname) if (defname)
sprintf(prompt, "%s [%s]: ", s, defname ); snprintf (prompt, n-1, "%s [%s]: ", s, defname );
else else
sprintf(prompt, "%s: ", s ); snprintf (prompt, n-1, "%s: ", s );
tty_enable_completion(NULL); tty_enable_completion(NULL);
fname = cpr_get ("openfile.askoutname", prompt ); fname = cpr_get ("openfile.askoutname", prompt );
cpr_kill_prompt (); cpr_kill_prompt ();
tty_disable_completion (); tty_disable_completion ();
xfree (prompt); xfree (prompt);
if( !*fname ) { if ( !*fname )
xfree( fname ); fname = NULL; {
fname = defname; defname = NULL; xfree (fname);
fname = defname;
defname = NULL;
} }
xfree (defname); xfree (defname);
if (fname) if (fname)