summaryrefslogtreecommitdiff
path: root/win32
diff options
context:
space:
mode:
authorusa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2007-03-17 23:42:00 +0000
committerusa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2007-03-17 23:42:00 +0000
commitf3cde2b5fbd1c936c297a248c4d277339db687ff (patch)
treeadc0b03463ff11b0531fcdc30d437bd672020706 /win32
parent966a25465aab5c2972e6c453f631a15fc2223256 (diff)
downloadbundler-f3cde2b5fbd1c936c297a248c4d277339db687ff.tar.gz
* win32/dir.h, win32/win32.c (rb_w32_opendir, rb_w32_readdir,
rb_w32_closedir): get rid of possible buffer-overflows. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@12089 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'win32')
-rw-r--r--win32/dir.h2
-rw-r--r--win32/win32.c22
2 files changed, 15 insertions, 9 deletions
diff --git a/win32/dir.h b/win32/dir.h
index f970745fdf..a0c7fa86c6 100644
--- a/win32/dir.h
+++ b/win32/dir.h
@@ -12,7 +12,7 @@ struct direct
{
long d_namlen;
ino_t d_ino;
- char d_name[256];
+ char *d_name;
char d_isdir; /* directory */
char d_isrep; /* reparse point */
};
diff --git a/win32/win32.c b/win32/win32.c
index 496268705c..a6f3495542 100644
--- a/win32/win32.c
+++ b/win32/win32.c
@@ -1084,7 +1084,7 @@ cmdglob(NtCmdLineElement *patt, NtCmdLineElement **tail)
if (patt->len >= MAXPATHLEN)
if (!(buf = malloc(patt->len + 1))) return 0;
- strncpy (buf, patt->str, patt->len);
+ strncpy(buf, patt->str, patt->len);
buf[patt->len] = '\0';
for (p = buf; *p; p = CharNext(p))
if (*p == '\\')
@@ -1373,7 +1373,7 @@ rb_w32_cmdvector(const char *cmd, char ***vec)
ptr = buffer + (elements+1) * sizeof(char *);
while (curr = cmdhead) {
- strncpy (ptr, curr->str, curr->len);
+ strncpy(ptr, curr->str, curr->len);
ptr[curr->len] = '\0';
*vptr++ = ptr;
ptr += curr->len + 1;
@@ -1409,8 +1409,7 @@ rb_w32_opendir(const char *filename)
DIR *p;
long len;
long idx;
- char scannamespc[PATHLEN];
- char *scanname = scannamespc;
+ char *scanname;
struct stati64 sbuf;
WIN32_FIND_DATA fd;
HANDLE fh;
@@ -1432,14 +1431,17 @@ rb_w32_opendir(const char *filename)
// Get us a DIR structure
//
- p = xcalloc(sizeof(DIR), 1);
+ p = calloc(sizeof(DIR), 1);
if (p == NULL)
return NULL;
//
// Create the search pattern
//
-
+ if (!(scanname = malloc(strlen(filename) + 2 + 1))) {
+ free(p);
+ return NULL;
+ }
strcpy(scanname, filename);
if (index("/\\:", *CharPrev(scanname, scanname + strlen(scanname))) == NULL)
@@ -1452,6 +1454,7 @@ rb_w32_opendir(const char *filename)
//
fh = FindFirstFile(scanname, &fd);
+ free(scanname);
if (fh == INVALID_HANDLE_VALUE) {
errno = map_errno(GetLastError());
free(p);
@@ -1553,9 +1556,10 @@ rb_w32_readdir(DIR *dirp)
//
// first set up the structure to return
//
-
- strcpy(dirp->dirstr.d_name, dirp->curr);
dirp->dirstr.d_namlen = strlen(dirp->curr);
+ if (!(dirp->dirstr.d_name = malloc(dirp->dirstr.d_namlen + 1)))
+ return NULL;
+ strcpy(dirp->dirstr.d_name, dirp->curr);
//
// Fake inode
@@ -1622,6 +1626,8 @@ rb_w32_rewinddir(DIR *dirp)
void
rb_w32_closedir(DIR *dirp)
{
+ if (dirp->dirstr.d_name)
+ free(dirp->dirstr.d_name);
free(dirp->start);
free(dirp->bits);
free(dirp);