result might not fit in 'int'.
(set_local_socket): Do not assume uid fits in 'int'.
+ * etags.c (xmalloc, xrealloc): Accept size_t, not unsigned int,
+ to avoid potential buffer overflow issues on typical 64-bit hosts.
+ (whatlen_max): New static var.
+ (main): Avoid buffer overflow if subsidiary command length is
+ greater than BUFSIZ or 2*BUFSIZ + 20. Do not use sprintf when its
+ result might not fit in 'int'.
+
2011-07-28 Paul Eggert <eggert@cs.ucla.edu>
Assume freestanding C89 headers, string.h, stdlib.h.
static void canonicalize_filename (char *);
static void linebuffer_init (linebuffer *);
static void linebuffer_setlen (linebuffer *, int);
-static PTR xmalloc (unsigned int);
-static PTR xrealloc (char *, unsigned int);
+static PTR xmalloc (size_t);
+static PTR xrealloc (char *, size_t);
\f
static char searchar = '/'; /* use /.../ searches */
static char *cwd; /* current working directory */
static char *tagfiledir; /* directory of tagfile */
static FILE *tagf; /* ioptr for tags file */
+static ptrdiff_t whatlen_max; /* maximum length of any 'what' member */
static fdesc *fdhead; /* head of file description list */
static fdesc *curfdp; /* current file description */
int current_arg, file_count;
linebuffer filename_lb;
bool help_asked = FALSE;
+ ptrdiff_t len;
char *optstring;
int opt;
/* This means that a file name has been seen. Record it. */
argbuffer[current_arg].arg_type = at_filename;
argbuffer[current_arg].what = optarg;
+ len = strlen (optarg);
+ if (whatlen_max < len)
+ whatlen_max = len;
++current_arg;
++file_count;
break;
/* Parse standard input. Idea by Vivek <vivek@etla.org>. */
argbuffer[current_arg].arg_type = at_stdin;
argbuffer[current_arg].what = optarg;
+ len = strlen (optarg);
+ if (whatlen_max < len)
+ whatlen_max = len;
++current_arg;
++file_count;
if (parsing_stdin)
case 'r':
argbuffer[current_arg].arg_type = at_regexp;
argbuffer[current_arg].what = optarg;
+ len = strlen (optarg);
+ if (whatlen_max < len)
+ whatlen_max = len;
++current_arg;
break;
case 'R':
{
argbuffer[current_arg].arg_type = at_filename;
argbuffer[current_arg].what = argv[optind];
+ len = strlen (argv[optind]);
+ if (whatlen_max < len)
+ whatlen_max = len;
++current_arg;
++file_count;
}
/* From here on, we are in (CTAGS && !cxref_style) */
if (update)
{
- char cmd[BUFSIZ];
+ char *cmd =
+ xmalloc (strlen (tagfile) + whatlen_max +
+ sizeof "mv..OTAGS;fgrep -v '\t\t' OTAGS >;rm OTAGS");
for (i = 0; i < current_arg; ++i)
{
switch (argbuffer[i].arg_type)
default:
continue; /* the for loop */
}
- sprintf (cmd,
- "mv %s OTAGS;fgrep -v '\t%s\t' OTAGS >%s;rm OTAGS",
- tagfile, argbuffer[i].what, tagfile);
+ strcpy (cmd, "mv ");
+ strcat (cmd, tagfile);
+ strcat (cmd, " OTAGS;fgrep -v '\t");
+ strcat (cmd, argbuffer[i].what);
+ strcat (cmd, "\t' OTAGS >");
+ strcat (cmd, tagfile);
+ strcat (cmd, ";rm OTAGS");
if (system (cmd) != EXIT_SUCCESS)
fatal ("failed to execute shell command", (char *)NULL);
}
+ free (cmd);
append_to_tagfile = TRUE;
}
if (CTAGS)
if (append_to_tagfile || update)
{
- char cmd[2*BUFSIZ+20];
+ char *cmd = xmalloc (2 * strlen (tagfile) + sizeof "sort -u -o..");
/* Maybe these should be used:
setenv ("LC_COLLATE", "C", 1);
setenv ("LC_ALL", "C", 1); */
- sprintf (cmd, "sort -u -o %.*s %.*s", BUFSIZ, tagfile, BUFSIZ, tagfile);
+ strcpy (cmd, "sort -u -o ");
+ strcat (cmd, tagfile);
+ strcat (cmd, " ");
+ strcat (cmd, tagfile);
exit (system (cmd));
}
return EXIT_SUCCESS;
/* Like malloc but get fatal error if memory is exhausted. */
static PTR
-xmalloc (unsigned int size)
+xmalloc (size_t size)
{
PTR result = (PTR) malloc (size);
if (result == NULL)
}
static PTR
-xrealloc (char *ptr, unsigned int size)
+xrealloc (char *ptr, size_t size)
{
PTR result = (PTR) realloc (ptr, size);
if (result == NULL)
HCoop / bpt / emacs.git / commitdiff