From 0860822bb2a1bbc6e40758e2e6413181b26b6b04 Mon Sep 17 00:00:00 2001
From: Dirk <doj@cubic.org>
Date: Thu, 11 Feb 2016 18:48:13 +0000
Subject: missing bounds check in makedepend for file arguments

When assigning source code files from the command line to the fp pointer,
no bounds check is done and if more than MAXFILES file names are specified
on the command line, memory will be overridden out of bounds.

https://bugs.freedesktop.org/show_bug.cgi?id=94099

Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Tested-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
---
 main.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/main.c b/main.c
index e73cd8d..e5cb70c 100644
--- a/main.c
+++ b/main.c
@@ -232,6 +232,9 @@ main(int argc, char *argv[])
 			/* treat +thing as an option for C++ */
 			if (endmarker && **argv == '+')
 				continue;
+			if (fp >= filelist + MAXFILES) {
+			    fatalerr("Too many source files. Limit is %i files.\n", MAXFILES);
+			}
 			*fp++ = argv[0];
 			continue;
 		}
-- 
cgit v1.2.1