diff options
author | Andrew Gregory <andrew.gregory.8@gmail.com> | 2017-05-11 00:24:04 +0200 |
---|---|---|
committer | Andrew Gregory <andrew.gregory.8@gmail.com> | 2017-05-11 00:50:34 +0200 |
commit | f132cbe14e4419b05484e6de5291df1630c0dac1 (patch) | |
tree | 691c615c0db4c58eec44428592231e6e29d23a75 /src | |
parent | 48ed9b33812ab81ef5c4e58255dc7464cef443bc (diff) | |
download | pacman-f132cbe14e4419b05484e6de5291df1630c0dac1.tar.gz pacman-f132cbe14e4419b05484e6de5291df1630c0dac1.tar.xz |
query_fileowner: avoid buffer overflow
Copying a string into a buffer that has just been determined to not be
able to hold it is obviously incorrect. The actual error handling
appears to have been unintentionally removed in
47762ab687959e48acc2de8592fcf3ba3cfa502b.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Diffstat (limited to 'src')
-rw-r--r-- | src/pacman/query.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/src/pacman/query.c b/src/pacman/query.c index 119764bc..247423fa 100644 --- a/src/pacman/query.c +++ b/src/pacman/query.c @@ -205,6 +205,7 @@ static int query_fileowner(alpm_list_t *targets) size_t rlen = strlen(rpath); if(rlen + 2 >= PATH_MAX) { pm_printf(ALPM_LOG_ERROR, _("path too long: %s/\n"), rpath); + goto targcleanup; } strcat(rpath + rlen, "/"); } |