[Sbcl-commits] CVS: sbcl/src/runtime wrap.c,1.30,1.31

[Richard M K. <kr...@us...>]

Update of /cvsroot/sbcl/sbcl/src/runtime
In directory sc8-pr-cvs8.sourceforge.net:/tmp/cvs-serv26998/src/runtime

Modified Files:
	wrap.c 
Log Message:
1.0.13.51: Fixups in mkstemp wrapper used in RUN-PROGRAM.

* Preclude a buffer overflow (though one that cannot occur at present,
  given the single caller of this routine).  Contributed by Alex
  Plotnick.





Index: wrap.c
===================================================================
RCS file: /cvsroot/sbcl/sbcl/src/runtime/wrap.c,v
retrieving revision 1.30
retrieving revision 1.31
diff -u -d -r1.30 -r1.31
--- wrap.c	10 Jan 2008 01:48:12 -0000	1.30
+++ wrap.c	22 Jan 2008 17:14:31 -0000	1.31
@@ -305,10 +305,11 @@
        template on every loop, but only the last several characters.
        But I didn't feel like testing the boundary cases in Windows's
        _mktemp. */
-    strcpy((char*)&buf, template);
-    if (MKTEMP((char*)&buf)) {
-      if ((fd=open((char*)&buf, O_CREAT|O_EXCL|O_RDWR, mode))!=-1) {
-        strcpy(template, (char*)&buf);
+    strncpy(buf, template, PATHNAME_BUFFER_SIZE);
+    buf[PATHNAME_BUFFER_SIZE-1]=0; /* force NULL-termination */
+    if (MKTEMP(buf)) {
+      if ((fd=open(buf, O_CREAT|O_EXCL|O_RDWR, mode))!=-1) {
+        strcpy(template, buf);
         return (fd);
       } else
         if (errno != EEXIST)