From: Jens Rehsack <sno@netbsd.org>
Date: Mon, 24 Feb 2020 09:52:21 +0000 (+0100)
Subject: * src/dir.c (local_stat): [WINDOWS32] Fix buffer-overflow warning.
X-Git-Tag: 4.3.90~228
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=d3a53d5d16acb6db90e39a02889aea88b5241bfc;p=thirdparty%2Fmake.git

* src/dir.c (local_stat): [WINDOWS32] Fix buffer-overflow warning.

[SV 57888] Provide space for the path to use MAXPATHLEN plus nul.

Signed-off-by: Jens Rehsack <sno@netbsd.org>
Copyright-paperwork-exempt: yes
---

diff --git a/src/dir.c b/src/dir.c
index 862a18ea..2b2abf33 100644
--- a/src/dir.c
+++ b/src/dir.c
@@ -1286,13 +1286,13 @@ local_stat (const char *path, struct stat *buf)
   /* Make sure the parent of "." exists and is a directory, not a
      file.  This is because 'stat' on Windows normalizes the argument
      foo/. => foo without checking first that foo is a directory.  */
-  if (plen > 1 && path[plen - 1] == '.'
+  if (plen > 2 && path[plen - 1] == '.'
       && (path[plen - 2] == '/' || path[plen - 2] == '\\'))
     {
-      char parent[MAXPATHLEN];
+      char parent[MAXPATHLEN+1];
 
-      strncpy (parent, path, plen - 2);
-      parent[plen - 2] = '\0';
+      strncpy (parent, path, MAXPATHLEN);
+      parent[MIN(plen - 2, MAXPATHLEN)] = '\0';
       if (stat (parent, buf) < 0 || !_S_ISDIR (buf->st_mode))
         return -1;
     }