Add bounds check for cvs command arguments. Initial diff by Tobias

Stoeckmann, rearranged to "if (num_items >= BUFSIZ)" format for readability. I would have liked to allow our cvs client to accept as many arguments as the system would allow, but the argument parsing code is surprising hairy. OK niallo@.
author: ray <ray@openbsd.org> 2007-05-27 21:14:06 +0000
committer: ray <ray@openbsd.org> 2007-05-27 21:14:06 +0000
commit: 03db68cb3341e15ee3488eb3e9183cbd656aa8d4 (patch)
tree: c3fd94fa5b94a6ba55ba34e6e0dc63d21356b3bc
parent: remove two TODO items: (diff)
download: wireguard-openbsd-03db68cb3341e15ee3488eb3e9183cbd656aa8d4.tar.xz
wireguard-openbsd-03db68cb3341e15ee3488eb3e9183cbd656aa8d4.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/usr.bin/cvs/cvs.c b/usr.bin/cvs/cvs.c
index 19b6a3ed96d..07189832b90 100644
--- a/usr.bin/cvs/cvs.c
+++ b/usr.bin/cvs/cvs.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: cvs.c,v 1.127 2007/05/27 04:12:32 ray Exp $	*/
+/*	$OpenBSD: cvs.c,v 1.128 2007/05/27 21:14:06 ray Exp $	*/
 /*
  * Copyright (c) 2006, 2007 Joris Vink <joris@openbsd.org>
  * Copyright (c) 2004 Jean-Francois Brousseau <jfb@openbsd.org>
@@ -233,6 +233,8 @@ main(int argc, char **argv)
 		cmd_argc += ret;
 	}
 
+	if (argc + cmd_argc >= CVS_CMD_MAXARG)
+		fatal("main: too many arguments for `%s'", cmd_argv[0]);
 	for (ret = 1; ret < argc; ret++)
 		cmd_argv[cmd_argc++] = argv[ret];
author	ray <ray@openbsd.org>	2007-05-27 21:14:06 +0000
committer	ray <ray@openbsd.org>	2007-05-27 21:14:06 +0000
commit	03db68cb3341e15ee3488eb3e9183cbd656aa8d4 (patch)
tree	c3fd94fa5b94a6ba55ba34e6e0dc63d21356b3bc
parent	remove two TODO items: (diff)
download	wireguard-openbsd-03db68cb3341e15ee3488eb3e9183cbd656aa8d4.tar.xz wireguard-openbsd-03db68cb3341e15ee3488eb3e9183cbd656aa8d4.zip