HOME="" out of boundary access

which-bugs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

HOME="" out of boundary access

From:	Tobias Stoeckmann
Subject:	HOME="" out of boundary access
Date:	Sun, 21 Jun 2015 12:27:39 +0200

If environment variable HOME is set but empty, the check for a trailing
slash would lead to an out of boundary access.

--- which-2.21/which.c~ 2015-06-21 11:53:10.569495520 +0200
+++ which-2.21/which.c  2015-06-21 11:56:55.298057365 +0200
@@ -515,7 +515,7 @@
     strncpy(home, h, sizeof(home));
     home[sizeof(home) - 1] = 0;
     homelen = strlen(home);
-    if (home[homelen - 1] != '/' && homelen < sizeof(home) - 1)
+    if (homelen == 0 || home[homelen - 1] != '/' && homelen < sizeof(home) - 1)
     {
       strcat(home, "/");
       ++homelen;

[Prev in Thread]

Current Thread

[Next in Thread]

HOME="" out of boundary access, Tobias Stoeckmann <=

Prev by Date: get_current_working_directory buffer overflow
Next by Date: path_clean_up buffer overflow
Previous by thread: get_current_working_directory buffer overflow
Next by thread: path_clean_up buffer overflow
Index(es):
- Date
- Thread