diff options
| author | Eric Andersen <andersen@codepoet.org> | 2002-06-06 13:33:01 +0000 |
|---|---|---|
| committer | Eric Andersen <andersen@codepoet.org> | 2002-06-06 13:33:01 +0000 |
| commit | 0d2d1eb59983097f95acc4da874e8f5a78c8b1de (patch) | |
| tree | 1927f1fe812dc9948dc0f561e953eb4e85a47525 | |
| parent | 8610f91ebf0adfc117002ae5a95f449b4ab4a2cc (diff) | |
| download | busybox-w32-0d2d1eb59983097f95acc4da874e8f5a78c8b1de.tar.gz busybox-w32-0d2d1eb59983097f95acc4da874e8f5a78c8b1de.tar.bz2 busybox-w32-0d2d1eb59983097f95acc4da874e8f5a78c8b1de.zip | |
Fix a buffer overflow found by Gerardo Puga <gpuga@gioia.ing.unlp.edu.ar>
-Erik
| -rw-r--r-- | shell/lash.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/shell/lash.c b/shell/lash.c index 53377d4ed..16401225e 100644 --- a/shell/lash.c +++ b/shell/lash.c | |||
| @@ -416,7 +416,7 @@ static int builtin_read(struct child_prog *child) | |||
| 416 | 416 | ||
| 417 | if (child->argv[1]) { | 417 | if (child->argv[1]) { |
| 418 | /* argument (VAR) given: put "VAR=" into buffer */ | 418 | /* argument (VAR) given: put "VAR=" into buffer */ |
| 419 | strcpy(string, child->argv[1]); | 419 | safe_strncpy(string, child->argv[1], MAX_READ-1); |
| 420 | len = strlen(string); | 420 | len = strlen(string); |
| 421 | string[len++] = '='; | 421 | string[len++] = '='; |
| 422 | string[len] = '\0'; | 422 | string[len] = '\0'; |