author | Björn Gustavsson <[email protected]> | 2010-10-14 14:50:58 +0200 |
---|---|---|
committer | Björn Gustavsson <[email protected]> | 2010-10-14 14:51:03 +0200 |
commit | c7f811b03aca427fbea0cac5307b81fa19bddbc1 (patch) | |
tree | 96a2b390b50527199660a9fece17272c89ec402d /erts/etc/common/heart.c | |
parent | 0cfaafd999d74a085d6f3e212e90985700040691 (diff) | |
parent | 0983ce5264f277c9b7798758082eee1c7addb337 (diff) | |
Merge branch 'ms/security-fixes' into dev
* ms/security-fixes:
erlc: remove unused variable
typer: prevent buffer overflows
run_test: prevent buffer overflow
heart: prevent buffer overflow
escript: prevent buffer overflows
erlexec: prevent buffer overflows
erlc: prevent buffer overflows
dialyzer: prevent buffer overflows
OTP-8892
Diffstat (limited to 'erts/etc/common/heart.c')
-rw-r--r-- | erts/etc/common/heart.c | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/erts/etc/common/heart.c b/erts/etc/common/heart.c
index 4f738947b7..3e19e5f386 100644
--- a/erts/etc/common/heart.c
+++ b/erts/etc/common/heart.c
@@ -375,7 +375,8 @@ main(int argc, char **argv)
 _setmode(erlin_fd,_O_BINARY);
 _setmode(erlout_fd,_O_BINARY);
 #endif
- strcpy(program_name, argv[0]);
+ strncpy(program_name, argv[0], sizeof(program_name));
+ program_name[sizeof(program_name)-1] = '\0';
 notify_ack(erlout_fd);
 cmd[0] = '\0';
 do_terminate(message_loop(erlin_fd,erlout_fd));
@@ -728,7 +729,11 @@ heart_cmd_reply(int fd, char *s)
 struct msg m;
 int len = strlen(s) + 1; /* Include \0 */
- /* FIXME if s >= MSG_BODY_SIZE error */
+ /* if s >= MSG_BODY_SIZE, return a write
+ * failure immediately.
+ */
+ if (len > sizeof(m.fill))
+ return -1;
 m.op = HEART_CMD;
 m.len = htons(len + 2); /* Include Op */ |
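Review bot: In main(), the bounded copy into program_name now truncates an over-long argv[0] silently, and nothing at the call site says that this is intended or why the explicit terminator on the next line is required. A short comment above the two added lines would keep a later cleanup from dropping the terminator, for example `/* Bounded copy: an over-long argv[0] is truncated; strncpy() alone would leave program_name unterminated. */`. The hunk also does not show whether argv[0] can be NULL at this point, so that is worth confirming against the part of main() that lies outside the hunk.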
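Review bot: In heart_cmd_reply(), the new guard `if (len > sizeof(m.fill))` compares a signed `int` with a `size_t`, and `len` is itself narrowed from the `size_t` result of strlen(). The comparison happens to reject a negative `len` after conversion, but that relies on the implicit promotion; declaring `size_t len = strlen(s) + 1;` or writing `if (len < 0 || (size_t)len > sizeof(m.fill))` makes the bound explicit and avoids a sign-compare warning. The replacement comment still says `s >= MSG_BODY_SIZE`, while the code tests the length including the NUL against `sizeof(m.fill)` with `>`; wording such as `/* Reject a reply whose length, including the terminating NUL, exceeds sizeof(m.fill); the caller sees a write failure. */` would match the check. Whether sizeof(m.fill) equals MSG_BODY_SIZE is not visible here, and the function body continues outside the hunk.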