You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@nuttx.apache.org by xi...@apache.org on 2020/01/08 12:43:51 UTC
[incubator-nuttx-apps] 04/04: system: readline: Improve security
This is an automated email from the ASF dual-hosted git repository.
xiaoxiang pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-nuttx-apps.git
commit 967e7e29122d636ed00db0e4b1f046f267c276ab
Author: Alin Jerpelea <al...@sony.com>
AuthorDate: Tue Dec 31 14:47:28 2019 +0900
system: readline: Improve security
---
system/readline/readline_common.c | 11 ++++++-----
1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/system/readline/readline_common.c b/system/readline/readline_common.c
index 92a98c5..21c9217 100644
--- a/system/readline/readline_common.c
+++ b/system/readline/readline_common.c
@@ -144,6 +144,7 @@ static int count_builtin_matches(FAR char *buf, FAR int *matches, int namelen)
* vtbl - vtbl used to access implementation specific interface
* buf - The user allocated buffer to be filled.
* buflen - the size of the buffer.
+ * nch - the number of characters.
*
* Returned Value:
* None.
@@ -152,7 +153,7 @@ static int count_builtin_matches(FAR char *buf, FAR int *matches, int namelen)
#ifdef CONFIG_READLINE_TABCOMPLETION
static void tab_completion(FAR struct rl_common_s *vtbl, char *buf,
- int *nch)
+ int buflen, int *nch)
{
FAR const char *name = NULL;
char tmp_name[CONFIG_TASK_NAME_SIZE + 1];
@@ -271,7 +272,7 @@ static void tab_completion(FAR struct rl_common_s *vtbl, char *buf,
if (tmp_name[0] == '\0')
{
- strcpy(tmp_name, name);
+ strncpy(tmp_name, name, sizeof(tmp_name) - 1);
}
RL_PUTC(vtbl, ' ');
@@ -306,7 +307,7 @@ static void tab_completion(FAR struct rl_common_s *vtbl, char *buf,
if (tmp_name[0] == '\0')
{
- strcpy(tmp_name, name);
+ strncpy(tmp_name, name, sizeof(tmp_name) - 1);
}
RL_PUTC(vtbl, ' ');
@@ -329,7 +330,7 @@ static void tab_completion(FAR struct rl_common_s *vtbl, char *buf,
RL_PUTC(vtbl, '\n');
}
#endif
- strcpy(buf, tmp_name);
+ strncpy(buf, tmp_name, buflen - 1);
name_len = strlen(tmp_name);
@@ -729,7 +730,7 @@ ssize_t readline_common(FAR struct rl_common_s *vtbl, FAR char *buf, int buflen)
#ifdef CONFIG_READLINE_TABCOMPLETION
else if (ch == '\t') /* Nghia - TAB character */
{
- tab_completion(vtbl, buf, &nch);
+ tab_completion(vtbl, buf, buflen, &nch);
}
#endif
}