diff options
| -rw-r--r-- | ext/DynaLoader/dl_win32.xs | 4 | ||||
| -rwxr-xr-x[-rw-r--r--] | lib/overload/numbers.pm | 0 |
2 files changed, 4 insertions, 0 deletions
diff --git a/ext/DynaLoader/dl_win32.xs b/ext/DynaLoader/dl_win32.xs index 60ec703b92..94b3fe3e83 100644 --- a/ext/DynaLoader/dl_win32.xs +++ b/ext/DynaLoader/dl_win32.xs @@ -72,6 +72,10 @@ dl_static_linked(char *filename) static char subStr[] = "/auto/"; char szBuffer[MAX_PATH]; + /* avoid buffer overflow when called with invalid filenames */ + if (strlen(filename) >= sizeof(szBuffer)) + return 0; + /* change all the '\\' to '/' */ strcpy(szBuffer, filename); for(ptr = szBuffer; ptr = strchr(ptr, '\\'); ++ptr) diff --git a/lib/overload/numbers.pm b/lib/overload/numbers.pm index 599361e9d3..599361e9d3 100644..100755 --- a/lib/overload/numbers.pm +++ b/lib/overload/numbers.pm |