From: Paul Smith <psmith@gnu.org>
Date: Sun, 26 Feb 2012 21:34:51 +0000 (+0000)
Subject: Check for possible buffer overflow on very long filenames.
X-Git-Tag: moved-to-git~33
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6405534814f04899890a2d932db9a4985fd772fe;p=thirdparty%2Fmake.git

Check for possible buffer overflow on very long filenames.
Fixes Savannah bug #35525
---

diff --git a/ChangeLog b/ChangeLog
index ab8e97cc..6d16854b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2012-02-26  Paul Smith  <psmith@gnu.org>
+
+	* implicit.c (pattern_search): Check the stem length to avoid
+	stack overflows in stem_str.  Fixes Savannah bug #35525.
+
 2012-02-03  Eli Zaretskii  <eliz@gnu.org>
 
 	* w32/subproc/sub_proc.c (proc_stdin_thread, proc_stdout_thread)
diff --git a/implicit.c b/implicit.c
index 96c7b2b6..c5f74813 100644
--- a/implicit.c
+++ b/implicit.c
@@ -488,6 +488,13 @@ pattern_search (struct file *file, int archive,
               dir = pathdir;
             }
 
+          if (stemlen > GET_PATH_MAX)
+            {
+              DBS (DB_IMPLICIT, (_("Stem too long: `%.*s'.\n"),
+                                 (int) stemlen, stem));
+              continue;
+            }
+
           DBS (DB_IMPLICIT, (_("Trying pattern rule with stem `%.*s'.\n"),
                              (int) stemlen, stem));