Blame SOURCES/unzip-6.0-COVSCAN-strcpy-with-overlapping-strings.patch
|
|
623fdc |
From 8f6be666289211661906922cdfe6ea5a08c5b458 Mon Sep 17 00:00:00 2001
|
|
|
623fdc |
From: Jakub Martisko <jamartis@redhat.com>
|
|
|
623fdc |
Date: Tue, 13 Nov 2018 09:57:43 +0100
|
|
|
623fdc |
Subject: [PATCH] envargs.c: strcpy with overlapping strings
|
|
|
623fdc |
|
|
|
623fdc |
---
|
|
|
623fdc |
envargs.c | 4 +++-
|
|
|
623fdc |
1 file changed, 3 insertions(+), 1 deletion(-)
|
|
|
623fdc |
|
|
|
623fdc |
diff --git a/envargs.c b/envargs.c
|
|
|
623fdc |
index f0a230d..daa3e47 100644
|
|
|
623fdc |
--- a/envargs.c
|
|
|
623fdc |
+++ b/envargs.c
|
|
|
623fdc |
@@ -31,6 +31,7 @@
|
|
|
623fdc |
#define __ENVARGS_C /* identifies this source module */
|
|
|
623fdc |
#define UNZIP_INTERNAL
|
|
|
623fdc |
#include "unzip.h"
|
|
|
623fdc |
+#include <string.h>
|
|
|
623fdc |
|
|
|
623fdc |
#ifdef __EMX__ /* emx isspace() returns TRUE on extended ASCII !! */
|
|
|
623fdc |
# define ISspace(c) ((c) & 0x80 ? 0 : isspace((unsigned)c))
|
|
|
623fdc |
@@ -118,7 +119,8 @@ int envargs(Pargc, Pargv, envstr, envstr2)
|
|
|
623fdc |
|
|
|
623fdc |
/* remove escape characters */
|
|
|
623fdc |
while ((argstart = MBSCHR(argstart, '\\')) != (char *)NULL) {
|
|
|
623fdc |
- strcpy(argstart, argstart + 1);
|
|
|
623fdc |
+ //strcpy(argstart, argstart + 1);
|
|
|
623fdc |
+ memmove(argstart, argstart + 1,strlen(argstart + 1) + 1);
|
|
|
623fdc |
if (*argstart)
|
|
|
623fdc |
++argstart;
|
|
|
623fdc |
}
|
|
|
623fdc |
--
|
|
|
623fdc |
2.14.5
|
|
|
623fdc |
|