2004-03-01 Roland McGrath <roland@redhat.com>

	* strace.c (main): Avoid potential buffer overruns from ludicrous
	arguments or PATH values.

diff --git a/strace.c b/strace.c
index 3f42b3c3293f1eaf4a8635c0a27f04b655b8853d..23d72c8d81bb65bc7cb6b92162fc2e75cd58ffc4 100644 (file)
--- a/strace.c
+++ b/strace.c
@@ -417,8 +417,14 @@ char *argv[];
                char pathname[MAXPATHLEN];
 
                filename = argv[optind];
-               if (strchr(filename, '/'))
+               if (strchr(filename, '/')) {
+                       if (strlen(filename) > sizeof pathname - 1) {
+                               errno = ENAMETOOLONG;
+                               perror("strace: exec");
+                               exit(1);
+                       }
                        strcpy(pathname, filename);
+               }
 #ifdef USE_DEBUGGING_EXEC
                /*
                 * Debuggers customarily check the current directory
@@ -443,6 +449,8 @@ char *argv[];
                                        getcwd(pathname, MAXPATHLEN);
                                        len = strlen(pathname);
                                }
+                               else if (n > sizeof pathname - 1)
+                                       continue;
                                else {
                                        strncpy(pathname, path, n);
                                        len = n;