scrut(1): fix buffer overflow in option parsing

This commit is contained in:
dtb 2024-02-16 01:13:37 -07:00
parent 5b364e104e
commit 64a1a19bd8
Signed by: trinity
GPG Key ID: 31FF85CCB6DC7641

View File

@ -18,7 +18,7 @@
#include <stdio.h> /* fprintf(3), stderr, NULL */ #include <stdio.h> /* fprintf(3), stderr, NULL */
#include <stdlib.h> /* EXIT_FAILURE */ #include <stdlib.h> /* EXIT_FAILURE */
#include <string.h> /* strchr(3) */ #include <string.h> /* memset(3), strchr(3) */
#include <unistd.h> /* access(3), getopt(3), F_OK, R_OK, W_OK, X_OK */ #include <unistd.h> /* access(3), getopt(3), F_OK, R_OK, W_OK, X_OK */
#include <sys/stat.h> /* lstat(3), stat struct, S_ISBLK, S_ISCHR, S_ISDIR, #include <sys/stat.h> /* lstat(3), stat struct, S_ISBLK, S_ISCHR, S_ISDIR,
* S_ISFIFO, S_ISGID, S_ISREG, S_ISLNK, S_ISSOCK, * S_ISFIFO, S_ISGID, S_ISREG, S_ISLNK, S_ISSOCK,
@ -33,17 +33,24 @@ int main(int argc, char *argv[]){
struct stat buf; struct stat buf;
int c; int c;
size_t i; size_t i;
char *p;
if(argc < 2) if(argc < 2)
goto usage; goto usage;
i = 0; memset(ops, '\0', sizeof ops);
while((c = getopt(argc, argv, args)) != -1) while((c = getopt(argc, argv, args)) != -1)
if(strchr(args, c) == NULL) if((p = strchr(args, c)) == NULL)
goto usage; goto usage;
else else
ops[i++] = c; ops[p - args] = c;
ops[i] = '\0'; /* straighten out ops */
for(i = 0, p = ops; i < (sizeof ops) / (sizeof *ops); ++i)
if(ops[i] != '\0'){
*p = ops[i];
if(&ops[i] != p++)
ops[i] = '\0';
}
if(optind == argc) if(optind == argc)
goto usage; goto usage;