1
0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-08 12:44:23 +01:00

* openfile.c (ask_outfile_name): Fixed buffer overflow occurring

if make_printable_string returns a longer string.  Fixes bug 728.
This commit is contained in:
Werner Koch 2006-11-27 16:41:32 +00:00
parent 80007b9411
commit fecadab9c3
2 changed files with 40 additions and 33 deletions

View File

@ -1,3 +1,8 @@
2006-11-27 Werner Koch <wk@g10code.com>
* openfile.c (ask_outfile_name): Fixed buffer overflow occurring
if make_printable_string returns a longer string. Fixes bug 728.
2006-11-21 Werner Koch <wk@g10code.com> 2006-11-21 Werner Koch <wk@g10code.com>
* Makefile.am (needed_libs): libgnu needs to come after libcommon. * Makefile.am (needed_libs): libgnu needs to come after libcommon.

View File

@ -95,7 +95,7 @@ overwrite_filep( const char *fname )
/**************** /****************
* Strip know extensions from iname and return a newly allocated * Strip known extensions from iname and return a newly allocated
* filename. Return NULL if we can't do that. * filename. Return NULL if we can't do that.
*/ */
char * char *
@ -126,45 +126,47 @@ make_outfile_name( const char *iname )
} }
/**************** /* Ask for an output filename; use the given one as default. Return
* Ask for a outputfilename and use the given one as default. NULL if no file has been given or if it is not possible to ask the
* Return NULL if no file has been given or it is not possible to user. NAME is the template len which might conatin enbedded Nuls.
* ask the user. NAMELEN is its actual length.
*/ */
char * char *
ask_outfile_name( const char *name, size_t namelen ) ask_outfile_name( const char *name, size_t namelen )
{ {
size_t n; size_t n;
const char *s; const char *s;
char *prompt; char *prompt;
char *fname; char *fname;
char *defname; char *defname;
if( opt.batch ) if ( opt.batch )
return NULL; return NULL;
s = _("Enter new filename"); defname = name && namelen? make_printable_string (name, namelen, 0) : NULL;
n = strlen(s) + namelen + 10; s = _("Enter new filename");
defname = name && namelen? make_printable_string( name, namelen, 0): NULL; n = strlen(s) + (defname?strlen (defname):0) + 10;
prompt = xmalloc(n); prompt = xmalloc (n);
if( defname ) if (defname)
sprintf(prompt, "%s [%s]: ", s, defname ); snprintf (prompt, n-1, "%s [%s]: ", s, defname );
else else
sprintf(prompt, "%s: ", s ); snprintf (prompt, n-1, "%s: ", s );
tty_enable_completion(NULL); tty_enable_completion(NULL);
fname = cpr_get("openfile.askoutname", prompt ); fname = cpr_get ("openfile.askoutname", prompt );
cpr_kill_prompt(); cpr_kill_prompt ();
tty_disable_completion(); tty_disable_completion ();
xfree(prompt); xfree (prompt);
if( !*fname ) { if ( !*fname )
xfree( fname ); fname = NULL; {
fname = defname; defname = NULL; xfree (fname);
fname = defname;
defname = NULL;
} }
xfree(defname); xfree (defname);
if (fname) if (fname)
trim_spaces (fname); trim_spaces (fname);
return fname; return fname;
} }