summaryrefslogtreecommitdiff
path: root/win32/perlhost.h
diff options
context:
space:
mode:
authorTony Cook <tony@develop-help.com>2017-07-27 10:12:02 +1000
committerSteve Hay <steve.m.hay@googlemail.com>2017-09-10 12:49:04 +0100
commit8586647e338e8eb42c00fe6f687105c9b8a36d44 (patch)
tree1990b47fba528541d0bd68f478e2ccf1922d304b /win32/perlhost.h
parent2be4edede4ae226e2eebd4eff28cedd2041f300f (diff)
downloadperl-8586647e338e8eb42c00fe6f687105c9b8a36d44.tar.gz
(perl #131665) avoid a buffer overflow in a buffer we didn't need
since Lookup() treats its argument as NUL or '=' terminated. Previously environment variable names longer than the size of the buffer would result in a buffer overflow.
Diffstat (limited to 'win32/perlhost.h')
-rw-r--r--win32/perlhost.h10
1 files changed, 2 insertions, 8 deletions
diff --git a/win32/perlhost.h b/win32/perlhost.h
index 84b08c9b90..3260f62a02 100644
--- a/win32/perlhost.h
+++ b/win32/perlhost.h
@@ -2177,17 +2177,11 @@ compare(const void *arg1, const void *arg2)
void
CPerlHost::Add(LPCSTR lpStr)
{
- char szBuffer[1024];
LPSTR *lpPtr;
- int index, length = strlen(lpStr)+1;
-
- for(index = 0; lpStr[index] != '\0' && lpStr[index] != '='; ++index)
- szBuffer[index] = lpStr[index];
-
- szBuffer[index] = '\0';
+ STRLEN length = strlen(lpStr)+1;
// replacing ?
- lpPtr = Lookup(szBuffer);
+ lpPtr = Lookup(lpStr);
if (lpPtr != NULL) {
// must allocate things via host memory allocation functions
// rather than perl's Renew() et al, as the perl interpreter