[PATCH 2/5] query_fileowner: avoid buffer overflow

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[PATCH 2/5] query_fileowner: avoid buffer overflow

Andrew Gregory
Copying a string into a buffer that  has just been determined to not be
able to hold it is obviously incorrect.  The actual error handling
appears to have been unintentionally removed in
47762ab687959e48acc2de8592fcf3ba3cfa502b.

Signed-off-by: Andrew Gregory <[hidden email]>
---
 src/pacman/query.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/pacman/query.c b/src/pacman/query.c
index 119764bc..247423fa 100644
--- a/src/pacman/query.c
+++ b/src/pacman/query.c
@@ -205,6 +205,7 @@ static int query_fileowner(alpm_list_t *targets)
  size_t rlen = strlen(rpath);
  if(rlen + 2 >= PATH_MAX) {
  pm_printf(ALPM_LOG_ERROR, _("path too long: %s/\n"), rpath);
+ goto targcleanup;
  }
  strcat(rpath + rlen, "/");
  }
--
2.12.2