From 07c54674341ea5b9af9df03fa0678d14ebf4f6f9 Mon Sep 17 00:00:00 2001 From: nhmall Date: Sat, 25 Apr 2015 10:51:07 -0400 Subject: [PATCH] checkfile protection from caller Changes to be committed: modified: src/pager.c --- src/pager.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/pager.c b/src/pager.c index 4033a1746..2e3d56e8e 100644 --- a/src/pager.c +++ b/src/pager.c @@ -310,6 +310,14 @@ checkfile(inp, pm, user_typed_name, without_asking) return; } + /* + * If someone passed us garbage, prevent fault + * + if (!inp || (inp && strlen(inp) > (BUFSZ - 1))) { + pline("bad do_look buffer passed!"); + return; + } + /* To prevent the need for entries in data.base like *ngel to account * for Angel and angel, make the lookup string the same for both * user_typed_name and picked name.