simplify fill_args a little and use strlcpy for paranoia

diff --git a/parse.lex b/parse.lex
index bfe78ee3ed1b9e089f8d814f2733703d28542add..c128e55b8014dcebf637eecdb0fd6095fb2bdda9 100644 (file)
--- a/parse.lex
+++ b/parse.lex
@@ -405,41 +405,31 @@ fill_args(s, len, addspace)
     int new_len;
     char *p;
 
-    /*
-     * If first arg, malloc() some room, else if we don't
-     * have enough space realloc() some more.
-     */
     if (yylval.command.args == NULL) {
        addspace = 0;
        new_len = len;
+    } else
+       new_len = arg_len + len + addspace;
 
+    if (new_len >= arg_size) {
+       /* Allocate more space than we need for subsequent args */
        while (new_len >= (arg_size += COMMANDARGINC))
            ;
 
-       yylval.command.args = (char *) malloc(arg_size);
-       if (yylval.command.args == NULL)
-           yyerror("unable to allocate memory");
-    } else {
-       new_len = arg_len + len + addspace;
-
-       if (new_len >= arg_size) {
-           /* Allocate more space than we need for subsequent args */
-           while (new_len >= (arg_size += COMMANDARGINC))
-               ;
-
-           if ((p = (char *) realloc(yylval.command.args, arg_size)) == NULL) {
+       if ((p = (char *) realloc(yylval.command.args, arg_size)) == NULL) {
+           if (yylval.command.args != NULL)
                free(yylval.command.args);
-               yyerror("unable to allocate memory");
-           } else
-               yylval.command.args = p;
-       }
+           yyerror("unable to allocate memory");
+       } else
+           yylval.command.args = p;
     }
 
     /* Efficiently append the arg (with a leading space if needed). */
     p = yylval.command.args + arg_len;
     if (addspace)
        *p++ = ' ';
-    (void) strcpy(p, s);
+    if (strlcpy(p, s, arg_size - (p - yylval.command.args)) != len)
+       yyerror("fill_args: buffer overflow");  /* paranoia */
     arg_len = new_len;
 }