|
 |
a85ba1 |
diff --git a/common/options.c b/common/options.c
|
|
|
a85ba1 |
index 83e0384..8a1deca 100644
|
|
|
a85ba1 |
--- a/common/options.c
|
|
|
a85ba1 |
+++ b/common/options.c
|
|
|
a85ba1 |
@@ -1672,7 +1672,8 @@ format_min_length(format, oc)
|
|
|
a85ba1 |
|
|
|
a85ba1 |
|
|
|
a85ba1 |
/* Format the specified option so that a human can easily read it. */
|
|
|
a85ba1 |
-
|
|
|
a85ba1 |
+/* Maximum pretty printed size */
|
|
|
a85ba1 |
+#define MAX_OUTPUT_SIZE 32*1024
|
|
|
a85ba1 |
const char *pretty_print_option (option, data, len, emit_commas, emit_quotes)
|
|
|
a85ba1 |
struct option *option;
|
|
|
a85ba1 |
const unsigned char *data;
|
|
|
a85ba1 |
@@ -1680,8 +1681,9 @@ const char *pretty_print_option (option, data, len, emit_commas, emit_quotes)
|
|
|
a85ba1 |
int emit_commas;
|
|
|
a85ba1 |
int emit_quotes;
|
|
|
a85ba1 |
{
|
|
|
a85ba1 |
- static char optbuf [32768]; /* XXX */
|
|
|
a85ba1 |
- static char *endbuf = &optbuf[sizeof(optbuf)];
|
|
|
a85ba1 |
+ /* We add 128 byte pad so we don't have to add checks everywhere. */
|
|
|
a85ba1 |
+ static char optbuf [MAX_OUTPUT_SIZE + 128]; /* XXX */
|
|
|
a85ba1 |
+ static char *endbuf = optbuf + MAX_OUTPUT_SIZE;
|
|
|
a85ba1 |
int hunksize = 0;
|
|
|
a85ba1 |
int opthunk = 0;
|
|
|
a85ba1 |
int hunkinc = 0;
|
|
|
a85ba1 |
@@ -2132,7 +2134,14 @@ const char *pretty_print_option (option, data, len, emit_commas, emit_quotes)
|
|
|
a85ba1 |
log_error ("Unexpected format code %c",
|
|
|
a85ba1 |
fmtbuf [j]);
|
|
|
a85ba1 |
}
|
|
|
a85ba1 |
+
|
|
|
a85ba1 |
op += strlen (op);
|
|
|
a85ba1 |
+ if (op >= endbuf) {
|
|
|
a85ba1 |
+ log_error ("Option data exceeds"
|
|
|
a85ba1 |
+ " maximum size %d", MAX_OUTPUT_SIZE);
|
|
|
a85ba1 |
+ return ("<error>");
|
|
|
a85ba1 |
+ }
|
|
|
a85ba1 |
+
|
|
|
a85ba1 |
if (dp == data + len)
|
|
|
a85ba1 |
break;
|
|
|
a85ba1 |
if (j + 1 < numelem && comma != ':')
|