diff options
| author | Daniel Jones <admin@danieljon.es> | 2019-03-18 20:54:03 +1030 |
|---|---|---|
| committer | Daniel Jones <admin@danieljon.es> | 2019-03-18 20:54:03 +1030 |
| commit | 36bca31d8536ab667889086abc6c064e18fbed57 (patch) | |
| tree | 00ae272031a0732c1fa0bcf626f28492002215ff | |
| parent | c9b94d131dd46ed96583abf48a42acb8f4c48e6d (diff) | |
| download | urlopener-36bca31d8536ab667889086abc6c064e18fbed57.tar.gz urlopener-36bca31d8536ab667889086abc6c064e18fbed57.zip | |
prevent trying to write out of bounds when constructing argument array
| -rw-r--r-- | urlopen.c | 12 |
1 files changed, 10 insertions, 2 deletions
@@ -27,7 +27,15 @@ #define LEN(arr) ((int) (sizeof (arr) / sizeof (arr)[0])) #define BUFF_SIZE 256 /* size of malloc buffers (max program/extension list length) */ -#define ARG_LIMIT 20 /* maximum number of arguments in the programs to open */ +/* + * maximum number of arguments for the program + * the program will only attach ARG_LIMIT-2 arguments to your executed process, the rest are ignored + * this is because one argument is saved for the url and one is saved for a NULL chraracter + * + * the program to execute itself is one argument + */ + +#define ARG_LIMIT 20 char *programs[][2] = { @@ -216,7 +224,7 @@ forkexecute(char *url) strncpy(buff, programs[ext][1], BUFF_SIZE-1); char *t = strtok(buff, " "); int z = 0; - while (t != NULL) + while (t != NULL && z < ARG_LIMIT-2) // save a position for the url and NULL { args[z] = t; t = strtok(NULL, " "); |