| commit | 181ace28ed41ba15078285194a9b9d6e52b46844 | [log] [tgz] |
|---|---|---|
| author | Bram Moolenaar <Bram@vim.org> | Wed Feb 13 14:36:44 2013 +0100 |
| committer | Bram Moolenaar <Bram@vim.org> | Wed Feb 13 14:36:44 2013 +0100 |
| tree | f409492fa74ff962884cca940307444d14d22127 | |
| parent | 76d711c3b5397b749a67d229150d3c1ff3f33add [diff] [blame] |
updated for version 7.3.809 Problem: The dosinst.c program has a buffer overflow. (Thomas Gwae) Solution: Ignore $VIMRUNTIME if it is too long.
diff --git a/src/dosinst.c b/src/dosinst.c index 0ff8e69..6bc15fc 100644 --- a/src/dosinst.c +++ b/src/dosinst.c
@@ -375,7 +375,7 @@ /* First get $VIMRUNTIME. If it's set, remove the tail. */ vim = getenv("VIMRUNTIME"); - if (vim != NULL && *vim != 0) + if (vim != NULL && *vim != 0 && strlen(vim) < BUFSIZE) { strcpy(buf, vim); remove_tail(buf);