Skip to content

V
varnish-cache
Switch branch/tag
History Find file
  • Dridi Boukelmoune's avatar
    Kill strcat and strcpy usage in VIN_n_Arg · 3a1fd9bb
    Dridi Boukelmoune authored 
    If an absolute path is provided as n_arg with a length of exactly
PATH_MAX-1 then the combination of strcpy and strcat for the trailing
slash '/' overflows dn by one byte, writing its new null-terminating
character '\0' right after dn's upper bound.

By using a fixed-length VSB we can simply ensure that we stay within
bounds at a reasonable cost. Guarding VSB operations should silence
Flexelint as a nice side effect.

VIN_n_Arg is not exposed outside of the source tree, and both callers
today provide a valid dir argument, so we can now make it part of the
contract with an assertion, simplifying the strdup error handling.
    3a1fd9bb
Name
Last commit
 Last update
.github Loading commit data...
bin Loading commit data...
doc Loading commit data...
etc Loading commit data...
include Loading commit data...
lib Loading commit data...
m4 Loading commit data...
man Loading commit data...
tools Loading commit data...
.dir-locals.el Loading commit data...
.gitignore Loading commit data...
.lgtm.yml Loading commit data...
.syntastic_c_config Loading commit data...
.travis.yml Loading commit data...
CONTRIBUTING Loading commit data...
ChangeLog Loading commit data...
INSTALL Loading commit data...
LICENSE Loading commit data...
Makefile.am Loading commit data...
README.Packaging Loading commit data...
README.rst Loading commit data...
autogen.des Loading commit data...
autogen.sh Loading commit data...
configure.ac Loading commit data...
flint.lnt Loading commit data...
varnish-legacy.m4 Loading commit data...
varnish.m4 Loading commit data...
varnishapi-uninstalled.pc.in Loading commit data...
varnishapi.pc.in Loading commit data...