mirrors/nano
1
0
Fork 0
mirror of git://git.sv.gnu.org/nano.git synced 2024-11-23 05:11:35 +03:00
Code Issues Packages Projects Releases Wiki Activity

locking: don't try to read more bytes than the buffer can hold

Browse Source 
A normal lock file is apparently 1024 bytes in size, so the second
attempt at reading bytes from the file would try to read 8192 more
bytes into a buffer that has room for only 7168 left.  According to
valgrind, the read() function doesn't like that -- and true: if for
some reason the lock file had suddenly expanded, the buffer would
overflow.

This fixes https://savannah.gnu.org/bugs/?47156.
This commit is contained in:
Benno Schulenberg 2016-04-23 20:39:02 +02:00
parent bfe418febb
commit 2faad1230a
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/files.c
View File

@ -32,6 +32,8 @@
#include <pwd.h>
#include <libgen.h>
#define LOCKBUFSIZE 8192
/* Verify that the containing directory of the given filename exists. */
bool has_valid_path(const char *filename)
{
@ -337,11 +339,11 @@ int do_lockfile(const char *filename)
goto free_the_name;
}
lockbuf = charalloc(8192);
lockbuf = charalloc(LOCKBUFSIZE);
do {
readamt = read(lockfd, &lockbuf[readtot], BUFSIZ);
readamt = read(lockfd, &lockbuf[readtot], LOCKBUFSIZE - readtot);
readtot += readamt;
} while (readtot < 8192 && readamt > 0);
} while (readamt > 0 && readtot < LOCKBUFSIZE);
if (readtot < 48) {
statusbar(_("Error reading lock file %s: Not enough data read"),