diff options
author | Jim Meyering <jim@meyering.net> | 2005-03-10 12:07:31 +0000 |
---|---|---|
committer | Jim Meyering <jim@meyering.net> | 2005-03-10 12:07:31 +0000 |
commit | 5bb81adac0aa0bc0ade7d5b8d6ed97e612a35eb0 (patch) | |
tree | dc4e08e4d7cefeecd76d944ee992f8005bbe8e7c /src/ls.c | |
parent | ecab5d28df67700b90ea49bc20a0c5fd85f98efe (diff) | |
download | coreutils-5bb81adac0aa0bc0ade7d5b8d6ed97e612a35eb0.tar.xz |
(long_time_expected_width): Use x2nrealloc, not alloca,
so format string abuse cannot provoke stack overflow.
(print_long_format): Likewise.
Diffstat (limited to 'src/ls.c')
-rw-r--r-- | src/ls.c | 24 |
1 files changed, 21 insertions, 3 deletions
@@ -3059,12 +3059,20 @@ long_time_expected_width (void) len = nstrftime (buf, bufsize, fmt, tm, 0, 0); if (len || ! *buf) break; - buf = alloca (bufsize *= 2); + if (buf == initbuf) + { + buf = NULL; + bufsize *= 2; + } + buf = x2nrealloc (buf, &bufsize, sizeof *buf); } width = mbsnwidth (buf, len, 0); if (width < 0) width = 0; + + if (buf != initbuf) + free (buf); } return width; @@ -3349,8 +3357,16 @@ print_long_format (const struct fileinfo *f) when_local, 0, when_ns); if (s || ! *p) break; - newbuf = alloca (bufsize *= 2); - memcpy (newbuf, buf, p - buf); + if (buf == init_bigbuf) + { + bufsize *= 2; + newbuf = xmalloc (bufsize); + memcpy (newbuf, buf, p - buf); + } + else + { + newbuf = x2nrealloc (buf, &bufsize, sizeof *buf); + } p = newbuf + (p - buf); buf = newbuf; } @@ -3374,6 +3390,8 @@ print_long_format (const struct fileinfo *f) } DIRED_FPUTS (buf, stdout, p - buf); + if (buf != init_bigbuf) + free (buf); print_name_with_quoting (f->name, FILE_OR_LINK_MODE (f), f->linkok, &dired_obstack); |