diff options
| author | Bill Nottingham <notting@redhat.com> | 2003-06-13 21:46:08 +0000 |
|---|---|---|
| committer | Bill Nottingham <notting@redhat.com> | 2003-06-13 21:46:08 +0000 |
| commit | a1264de80fbb439076f4314b16e869fc198fb388 (patch) | |
| tree | dc5c973c1fbdf36a20a776055a5c9b24a8f94b6b /src/usernetctl.c | |
| parent | 781b0f41187b41c3cf1d2e0f570ec2432b146660 (diff) | |
| download | initscripts-a1264de80fbb439076f4314b16e869fc198fb388.tar initscripts-a1264de80fbb439076f4314b16e869fc198fb388.tar.gz initscripts-a1264de80fbb439076f4314b16e869fc198fb388.tar.bz2 initscripts-a1264de80fbb439076f4314b16e869fc198fb388.tar.xz initscripts-a1264de80fbb439076f4314b16e869fc198fb388.zip | |
fix leaked fd, potential usernetctl badness, and initlog/process bogons (<linux_4ever@yahoo.com>)
Diffstat (limited to 'src/usernetctl.c')
| -rw-r--r-- | src/usernetctl.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/src/usernetctl.c b/src/usernetctl.c index e6bc4a22..6ace9e90 100644 --- a/src/usernetctl.c +++ b/src/usernetctl.c @@ -7,6 +7,7 @@ #include <string.h> #include <sys/stat.h> #include <unistd.h> +#include <limits.h> /* This will be running setuid root, so be careful! */ static char * safeEnviron[] = { @@ -156,8 +157,15 @@ main(int argc, char ** argv) { /* automatically prepend "ifcfg-" if it is not specified */ if (strncmp(ifaceConfig, "ifcfg-", 6)) { char *temp; + size_t len = strlen(ifaceConfig); - temp = (char *) alloca(strlen(ifaceConfig) + 7); + /* Make sure a wise guys hasn't tried an integer wrap-around or + stack overflow attack. There's no way it could refer to anything + bigger than the largest filename, so cut 'em off there. */ + if (len > PATH_MAX) + exit(1); + + temp = (char *) alloca(len + 7); strcpy(temp, "ifcfg-"); /* strcat is safe because we got the length from strlen */ strcat(temp, ifaceConfig); |