patch 8.1.0976: dosinstall still has buffer overflow problems
Problem: Dosinstall still has buffer overflow problems.
Solution: Adjust buffer sizes. (Yasuhiro Matsumoto, closes #4002)
diff --git a/src/dosinst.h b/src/dosinst.h
index f264f94..7f30e90 100644
--- a/src/dosinst.h
+++ b/src/dosinst.h
@@ -59,7 +59,7 @@
/* ---------------------------------------- */
-#define BUFSIZE 512 /* long enough to hold a file name path */
+#define BUFSIZE (MAX_PATH*2) /* long enough to hold a file name path */
#define NUL 0
#define FAIL 0
@@ -93,15 +93,15 @@
static void *
alloc(int len)
{
- char *s;
+ void *p;
- s = malloc(len);
- if (s == NULL)
+ p = malloc(len);
+ if (p == NULL)
{
printf("ERROR: out of memory\n");
exit(1);
}
- return (void *)s;
+ return p;
}
/*
@@ -512,7 +512,7 @@
do_inits(char **argv)
{
/* Find out the full path of our executable. */
- if (my_fullpath(installdir, argv[0], BUFSIZE) == NULL)
+ if (my_fullpath(installdir, argv[0], sizeof(installdir)) == NULL)
{
printf("ERROR: Cannot get name of executable\n");
myexit(1);