From ace0878b0b708e1b04e9e7a62f26c1dc3b9295b5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20Ter=C3=A4s?= Date: Fri, 6 Aug 2010 11:34:11 +0300 Subject: config parser: fix memory corruption MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit fgets will happily write over allocated area limits. Adjusted the buffer size according to how much is already read. Also increase the maximum default line length, as 80 is slightly small. It might be better if bb_get_chunk_with_continuation would reallocate the line buffer if it was not user given. Signed-off-by: Timo Teräs Signed-off-by: Bernhard Reutner-Fischer --- libc/misc/internals/parse_config.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'libc/misc/internals') diff --git a/libc/misc/internals/parse_config.c b/libc/misc/internals/parse_config.c index cbb6ef7f1..9ddf3ee38 100644 --- a/libc/misc/internals/parse_config.c +++ b/libc/misc/internals/parse_config.c @@ -60,7 +60,7 @@ static off_t bb_get_chunk_with_continuation(parser_t* parsr) char *chp; while (1) { - if (fgets(parsr->line + pos, parsr->line_len, parsr->fp) == NULL) { + if (fgets(parsr->line + pos, parsr->line_len - pos, parsr->fp) == NULL) { memset(parsr->line, 0, parsr->line_len); pos = -1; break; @@ -179,7 +179,7 @@ int attribute_hidden FAST_FUNC config_read(parser_t *parser, char ***tokens, again: if (parser->data == NULL) { if (parser->line_len == 0) - parser->line_len = 81; + parser->line_len = PAGE_SIZE; if (parser->data_len == 0) parser->data_len += 1 + ntokens * sizeof(char *); parser->data = realloc(parser->data, -- cgit v1.2.3