Blob Blame History Raw
commit 6b93714b83d59ae4147b8ec3887261aca7fd6f65
Author: Dave Anderson <anderson@redhat.com>
Date:   Mon Jan 7 10:44:29 2019 -0500

    Prevent a SIGSEGV if a user attempts to input a command line that
    exceeds the maximum length of 1500 bytes.  The patch displays an
    error message and ignores the command line.
    (anderson@redhat.com)

diff --git a/cmdline.c b/cmdline.c
index 665f48c..796f7c5 100644
--- a/cmdline.c
+++ b/cmdline.c
@@ -1,8 +1,8 @@
 /* cmdline.c - core analysis suite
  *
  * Copyright (C) 1999, 2000, 2001, 2002 Mission Critical Linux, Inc.
- * Copyright (C) 2002-2015,2017 David Anderson
- * Copyright (C) 2002-2015,2017 Red Hat, Inc. All rights reserved.
+ * Copyright (C) 2002-2015,2019 David Anderson
+ * Copyright (C) 2002-2015,2019 Red Hat, Inc. All rights reserved.
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -121,9 +121,11 @@ process_command_line(void)
 			args[0] = NULL;
 			fprintf(fp, "\n");
 			return;
-		} 
-
-		strcpy(pc->command_line, pc->readline);
+		}
+		if (strlen(pc->readline) >= BUFSIZE)
+			error(FATAL, "input line exceeds maximum of 1500 bytes\n");	
+		else	
+			strcpy(pc->command_line, pc->readline);
 		free(pc->readline); 
 
 		clean_line(pc->command_line);