Correct some hardcoded filename string lengths that could cause trouble.

This is from xv-20130328-gabriel-somlo-NAME_MAX-buffer-overrun-fix2.mark-brader-cut-paste-fix.dif
DavidGriffith · May 3, 2017 · 7283ce8 · 7283ce8
1 parent 7b65fd6
commit 7283ce8
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 4 deletions.
diff --git a/xv.c b/xv.c
@@ -64,7 +64,7 @@ static const char *maingeom = NULL;
 static const char *icongeom = NULL;
 static Atom   __SWM_VROOT = None;
 
-static char   basefname[MAXPATHLEN];   /* just the current fname, no path */
+static char   basefname[NAME_MAX + 1];   /* just the current fname, no path */
 
 #ifdef TV_L10N
 #  ifndef TV_FONTSET
@@ -2173,11 +2173,13 @@ static int openPic(filenum)
        basefname(compute from fullfname) */
 
     i = LoadPad(&pinfo, fullfname);
+    if (!i) goto FAILED;   /* shouldn't happen */
+
     fullname = fullfname;
     strcpy(filename, fullfname);
+    if (strlen(BaseName(fullfname)) > NAME_MAX) goto FAILED;
     strcpy(basefname, BaseName(fullfname));
 
-    if (!i) goto FAILED;   /* shouldn't happen */
 
     if (killpage) {      /* kill old page files, if any */
       KillPageFiles(pageBaseName, numPages);
@@ -2242,6 +2244,7 @@ static int openPic(filenum)
 #endif
 
   strcpy(fullfname, fullname);
+  if (strlen(BaseName(fullfname)) > NAME_MAX) goto FAILED;
   strcpy(basefname, BaseName(fullname));
 
 
@@ -4004,7 +4007,7 @@ static void createMainWindow(geom, name)
 static void setWinIconNames(name)
      const char *name;
 {
-  char winname[256], iconname[256];
+  char winname[NAME_MAX+sizeof("xv : ")+sizeof(VERSTR)+sizeof(" <unregistered>")+1], iconname[NAME_MAX+1];
 
   if (winTitle) {
     strcpy(winname, winTitle);

diff --git a/xvtext.c b/xvtext.c
@@ -53,7 +53,7 @@
 #  define TV_J_NBUTTS 8
 #endif
 
-#define TITLELEN 128
+#define TITLELEN (NAME_MAX+sizeof("File: ''") + 1)
 
 #ifdef TV_MULTILINGUAL
 struct coding_spec {