Fix potential buffer overflow bug in cob_expand_env_string
lefessan committed Dec 15, 2023
1 parent 5b0682e commit a07514b
Showing 2 changed files with 5 additions and 3 deletions.
1 change: 1 addition & 0 deletions libcob/ChangeLog
Expand Up @@ -2,6 +2,7 @@
2023-11-29 Fabrice Le Fessant <[email protected]>

* common.c (cob_get_strerror), coblocal.h: export as utility function
* common.c (cob_expand_env_string): fix potention buffer overflow

2023-07-28 Simon Sobisch <[email protected]>

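Review bot: the added ChangeLog line misspells "potential" as "potention" (`fix potention buffer overflow`), which is worth correcting before the text is carried into release notes. The line is also filed under the 2023-11-29 entry although the commit is dated Dec 15, 2023, so a separate dated entry would keep the log in line with when the change landed. A few words on the cause (the resize did not account for the bytes already written to the buffer) would make the entry more useful to someone auditing the history.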
7 changes: 4 additions & 3 deletions libcob/common.c
Expand Up @@ -7785,9 +7785,10 @@ cob_expand_env_string (char *strval)
}
}
if (penv != NULL) {
if ((strlen (penv) + j) > (envlen - 128)) {
env = cob_realloc (env, envlen, strlen (penv) + 256);
envlen = strlen (penv) + 256;
size_t copy_len = strlen (penv);
if (copy_len + j + 128 > envlen) {
env = cob_realloc (env, envlen, j + copy_len + 256);
envlen = j + copy_len + 256;
}
j += sprintf (&env[j], "%s", penv);
penv = NULL;
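Review bot: the copy on the line after the resize, `j += sprintf (&env[j], "%s", penv);`, is still unbounded and measures `penv` again, independently of the check above it. With `copy_len` already computed, `memcpy (&env[j], penv, copy_len + 1); j += copy_len;` (or `snprintf` limited to `envlen - j`) would tie the write to the same length the bounds check used. The 128 and 256 margins are unexplained magic numbers; a short comment saying which later writes the 128-byte slack is reserved for would let a reader confirm it is enough. The declarations of `j` and `envlen` are outside the hunk: if either is a signed `int`, `copy_len + j + 128 > envlen` compares mixed signedness and `envlen = j + copy_len + 256` narrows from `size_t`, so the types should be checked. No test accompanies the change (only ChangeLog and common.c are touched); a case that expands a long variable value after a long literal prefix would cover the old failure, where the new size ignored `j`.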
