Radish alpha
H
HardenedBSD-pkg
rad:z3QDZAW2FAfuLvihrhiyDC9fAD8G9
HardenedBSD Package Manager
Radicle
Git
Commits e831abf
HBSD: Fix potential integer underflow
Shawn Webb committed 1 year ago
commit e831abf9d2607d6906c0d8763120cca9351cc24d
parent b275360
1 file changed +20 -3
modified libpkg/pkg_add.c
@@ -144,6 +144,8 @@ merge_with_external_tool(const char *merge_tool, struct pkg_config_file *lcf,


	char command[MAXPATHLEN];

	for (int i = 0; i < sizeof(command) - 1 && *merge_tool != '\0'; i++, merge_tool++) {
+ 
		int j;
+ 


		if (*merge_tool != '%') {

			command[i] = *merge_tool;

			continue;
@@ -161,17 +163,32 @@ merge_with_external_tool(const char *merge_tool, struct pkg_config_file *lcf,
			tmp_files_index = 2;

			break;

		case 'n':
- 
			i += strlcpy(&command[i], RELATIVE_PATH(rcf->path), sizeof(command) - i) - 1;
+ 
			j = strlcpy(&command[i], RELATIVE_PATH(rcf->path), sizeof(command) - i);
+ 
			if (j == 0) {
+ 
				pkg_emit_error("Max path len hit");
+ 
				return MERGE_FAILED;
+ 
			}
+ 
			i += j - 1;

			continue;

		case 'o':
- 
			i += strlcpy(&command[i], output_path, sizeof(command) - i) - 1;
+ 
			j = strlcpy(&command[i], output_path, sizeof(command) - i);
+ 
			if (j == 0) {
+ 
				pkg_emit_error("Max path len hit");
+ 
				return MERGE_FAILED;
+ 
			}
+ 
			i += j - 1;

			continue;

		default:

			pkg_emit_error("Unknown format string in the MERGETOOL command");

			merge_tool--;

			continue;

		}
- 
		i += strlcpy(&command[i], tmp_files[tmp_files_index].path, sizeof(command) - i) - 1;
+ 
		j = strlcpy(&command[i], tmp_files[tmp_files_index].path, sizeof(command) - i);
+ 
		if (j == 0) {
+ 
			pkg_emit_error("Max path len hit");
+ 
			return MERGE_FAILED;
+ 
		}
+ 
		i += j - 1;

	}



	pid_t pid = process_spawn_pipe(inout, command);