diff options
author | Andrew Stormont <astormont@racktopsystems.com> | 2016-07-23 03:40:47 +0100 |
---|---|---|
committer | Dan McDonald <danmcd@omniti.com> | 2016-07-26 13:24:12 -0400 |
commit | 67c3092ccd4e8c261df7eded9df072ff9c4e330b (patch) | |
tree | 1679869e1e4a0d0cd84c58722b366013672b2b60 /usr | |
parent | acefc525a071e96f717b3d8d4338fa9d0a807b8a (diff) | |
download | illumos-joyent-67c3092ccd4e8c261df7eded9df072ff9c4e330b.tar.gz |
7214 make buffer under-read while parsing conditional variables
Reviewed by: Richard Lowe <richlowe@richlowe.net>
Reviewed by: Robert Mustacchi <rm@joyent.com>
Approved by: Dan McDonald <danmcd@omniti.com>
Diffstat (limited to 'usr')
-rw-r--r-- | usr/src/cmd/make/bin/doname.cc | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/usr/src/cmd/make/bin/doname.cc b/usr/src/cmd/make/bin/doname.cc index 730403ac55..85be203973 100644 --- a/usr/src/cmd/make/bin/doname.cc +++ b/usr/src/cmd/make/bin/doname.cc @@ -21,6 +21,8 @@ /* * Copyright 2006 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. + * + * Copyright 2016 RackTop Systems. */ /* @@ -2893,8 +2895,12 @@ add_pattern_conditionals(register Name target) pattern = wcb1.get_string(); if (pattern[1] != 0) { percent = (wchar_t *) wcschr(pattern, (int) percent_char); + /* Check for possible buffer under-read */ + if ((length = wcb.length()-wcslen(percent+1)) <= 0) { + continue; + } if (!wcb.equaln(pattern, percent-pattern) || - !IS_WEQUAL(wcb.get_string(wcb.length()-wcslen(percent+1)), percent+1)) { + !IS_WEQUAL(wcb.get_string(length), percent+1)) { continue; } } |