(perl #131665) avoid a buffer overflow in a buffer we didn't need

since Lookup() treats its argument as NUL or '=' terminated. Previously environment variable names longer than the size of the buffer would result in a buffer overflow.
author: Tony Cook <tony@develop-help.com> 2017-07-27 10:12:02 +1000
committer: Steve Hay <steve.m.hay@googlemail.com> 2017-09-10 12:49:04 +0100
commit: 8586647e338e8eb42c00fe6f687105c9b8a36d44 (patch)
tree: 1990b47fba528541d0bd68f478e2ccf1922d304b /win32/perlhost.h
parent: 2be4edede4ae226e2eebd4eff28cedd2041f300f (diff)
download: perl-8586647e338e8eb42c00fe6f687105c9b8a36d44.tar.gz
1 files changed, 2 insertions, 8 deletions
diff --git a/win32/perlhost.h b/win32/perlhost.h
index 84b08c9b90..3260f62a02 100644
--- a/win32/perlhost.h
+++ b/win32/perlhost.h
@@ -2177,17 +2177,11 @@ compare(const void *arg1, const void *arg2)
 void
 CPerlHost::Add(LPCSTR lpStr)
 {
-    char szBuffer[1024];
     LPSTR *lpPtr;
-    int index, length = strlen(lpStr)+1;
-
-    for(index = 0; lpStr[index] != '\0' && lpStr[index] != '='; ++index)
-	szBuffer[index] = lpStr[index];
-
-    szBuffer[index] = '\0';
+    STRLEN length = strlen(lpStr)+1;
 
     // replacing ?
-    lpPtr = Lookup(szBuffer);
+    lpPtr = Lookup(lpStr);
     if (lpPtr != NULL) {
 	// must allocate things via host memory allocation functions 
 	// rather than perl's Renew() et al, as the perl interpreter
author	Tony Cook <tony@develop-help.com>	2017-07-27 10:12:02 +1000
committer	Steve Hay <steve.m.hay@googlemail.com>	2017-09-10 12:49:04 +0100
commit	8586647e338e8eb42c00fe6f687105c9b8a36d44 (patch)
tree	1990b47fba528541d0bd68f478e2ccf1922d304b /win32/perlhost.h
parent	2be4edede4ae226e2eebd4eff28cedd2041f300f (diff)
download	perl-8586647e338e8eb42c00fe6f687105c9b8a36d44.tar.gz