Module Name:    src
Committed By:   rillig
Date:           Mon Dec 27 22:57:26 UTC 2021

Modified Files:
        src/usr.bin/make: main.c

Log Message:
make: prevent out-of-bounds read for debug log file name

Even though the name of the debug log file currently only occurs in
strings of the form '-dFname' or '-dF+name', the code for replacing '%d'
with the PID accesses the passed string out of bounds.  That's not a
problem in practice but looks suspicious anyway.


To generate a diff of this commit:
cvs rdiff -u -r1.554 -r1.555 src/usr.bin/make/main.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/usr.bin/make/main.c
diff -u src/usr.bin/make/main.c:1.554 src/usr.bin/make/main.c:1.555
--- src/usr.bin/make/main.c:1.554	Mon Dec 27 22:22:48 2021
+++ src/usr.bin/make/main.c	Mon Dec 27 22:57:26 2021
@@ -1,4 +1,4 @@
-/*	$NetBSD: main.c,v 1.554 2021/12/27 22:22:48 rillig Exp $	*/
+/*	$NetBSD: main.c,v 1.555 2021/12/27 22:57:26 rillig Exp $	*/
 
 /*
  * Copyright (c) 1988, 1989, 1990, 1993
@@ -111,7 +111,7 @@
 #include "trace.h"
 
 /*	"@(#)main.c	8.3 (Berkeley) 3/19/94"	*/
-MAKE_RCSID("$NetBSD: main.c,v 1.554 2021/12/27 22:22:48 rillig Exp $");
+MAKE_RCSID("$NetBSD: main.c,v 1.555 2021/12/27 22:57:26 rillig Exp $");
 #if defined(MAKE_NATIVE) && !defined(lint)
 __COPYRIGHT("@(#) Copyright (c) 1988, 1989, 1990, 1993 "
 	    "The Regents of the University of California.  "
@@ -216,8 +216,8 @@ MainParseArgDebugFile(const char *arg)
 	fname = bmake_malloc(len + 20);
 	memcpy(fname, arg, len + 1);
 
-	/* Let the filename be modified by the pid */
-	if (strcmp(fname + len - 3, ".%d") == 0)
+	/* Replace the trailing '%d' after '.%d' with the pid. */
+	if (len >= 3 && memcmp(fname + len - 3, ".%d", 3) == 0)
 		snprintf(fname + len - 2, 20, "%d", getpid());
 
 	opts.debug_file = fopen(fname, mode);
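
Review bot: The new comment above the 'len >= 3' check, "Replace the trailing '%d' after '.%d' with the pid", reads as if the name held two '%d' sequences. Something like "Replace the '%d' of a trailing '.%d' with the pid" would match what the snprintf at 'fname + len - 2' does. The bounds check itself looks right: with 'len >= 3', 'fname + len - 3' stays inside the allocation and memcmp reads exactly 3 bytes. Separately, the literal 20 passed to snprintf is tied to the 'len + 20' in the bmake_malloc call only by convention; a shared named constant would keep the two from drifting apart in a later edit.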
