Return from check_file() and check_file2() functions when maximum name depth is reached. The use unsafe strncpy() is also removed just to be on safe side. Addresses: https://bugs.debian.org/773892 Signed-off-by: Sami Kerola <kerolasa@xxxxxx> --- disk-utils/fsck.minix.c | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/disk-utils/fsck.minix.c b/disk-utils/fsck.minix.c index c0ed017..5ab19bb 100644 --- a/disk-utils/fsck.minix.c +++ b/disk-utils/fsck.minix.c @@ -112,6 +112,7 @@ #include "all-io.h" #include "closestream.h" #include "rpmatch.h" +#include "strutils.h" #define ROOT_INO 1 #define YESNO_LENGTH 64 @@ -952,7 +953,9 @@ check_file(struct minix_inode *dir, unsigned int offset) { ino = 0; } if (name_depth < MAX_DEPTH) - strncpy(name_list[name_depth], name, namelen); + xstrncpy(name_list[name_depth], name, namelen); + else + return; name_depth++; inode = get_inode(ino); name_depth--; @@ -977,7 +980,9 @@ check_file(struct minix_inode *dir, unsigned int offset) { if (!inode) return; if (name_depth < MAX_DEPTH) - strncpy(name_list[name_depth], name, namelen); + xstrncpy(name_list[name_depth], name, namelen); + else + return; name_depth++; if (list) { if (verbose) @@ -1020,7 +1025,9 @@ check_file2(struct minix2_inode *dir, unsigned int offset) { ino = 0; } if (name_depth < MAX_DEPTH) - strncpy(name_list[name_depth], name, namelen); + xstrncpy(name_list[name_depth], name, namelen); + else + return; name_depth++; inode = get_inode2(ino); name_depth--; -- 2.2.1 -- To unsubscribe from this list: send the line "unsubscribe util-linux" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
