diff options
| author | Jo-Philipp Wich <jow@openwrt.org> | 2014-09-22 15:23:06 +0200 |
|---|---|---|
| committer | Jo-Philipp Wich <jow@openwrt.org> | 2014-09-22 15:23:36 +0200 |
| commit | 62f87a4a62441b1da7c4f653065692f988b85ed8 (patch) | |
| tree | ad48bf782c2efafa23058e0b88309ead3f5ee12d | |
| parent | 4bdc9a6325c8113ca11d107ef875371ad8363ade (diff) | |
| download | uhttpd-62f87a4a62441b1da7c4f653065692f988b85ed8.tar.gz | |
Fix possible buffer overruns in uh_file_dirlist()
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
| -rw-r--r-- | uhttpd-file.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/uhttpd-file.c b/uhttpd-file.c index e72f80e..135f55b 100644 --- a/uhttpd-file.c +++ b/uhttpd-file.c @@ -283,14 +283,14 @@ static void uh_file_dirlist(struct client *cl, struct path_info *pi) alphasort)) > 0) { memset(filename, 0, sizeof(filename)); - memcpy(filename, pi->phys, sizeof(filename)); + memcpy(filename, pi->phys, sizeof(filename) - 1); pathptr = &filename[strlen(filename)]; /* list subdirs */ for (i = 0; i < count; i++) { - strncat(filename, files[i]->d_name, - sizeof(filename) - strlen(files[i]->d_name)); + snprintf(pathptr, sizeof(filename) - (pathptr - filename), + "%s", files[i]->d_name); if (!stat(filename, &s) && (s.st_mode & S_IFDIR) && (s.st_mode & S_IXOTH)) @@ -312,8 +312,8 @@ static void uh_file_dirlist(struct client *cl, struct path_info *pi) /* list files */ for (i = 0; i < count; i++) { - strncat(filename, files[i]->d_name, - sizeof(filename) - strlen(files[i]->d_name)); + snprintf(pathptr, sizeof(filename) - (pathptr - filename), + "%s", files[i]->d_name); if (!stat(filename, &s) && !(s.st_mode & S_IFDIR) && (s.st_mode & S_IROTH)) |