Hack for buffer overflow, should be fixed properly.

author Philip Homburg <philip@cs.vu.nl>

Wed, 8 Jun 2005 11:05:27 +0000 (11:05 +0000)

committer Philip Homburg <philip@cs.vu.nl>

Wed, 8 Jun 2005 11:05:27 +0000 (11:05 +0000)
author Philip Homburg <philip@cs.vu.nl>
Wed, 8 Jun 2005 11:05:27 +0000 (11:05 +0000)
committer Philip Homburg <philip@cs.vu.nl>
Wed, 8 Jun 2005 11:05:27 +0000 (11:05 +0000)
diff --git a/commands/ash/expand.c b/commands/ash/expand.c

index 8fbc82650a1b1e5fbd99dc86317d3ac874649de2..1b6d2a81636450dfe8209322b908cf0cd442bbf6 100755 (executable)
--- a/commands/ash/expand.c
+++ b/commands/ash/expand.c
@@ -672,7 +672,10 @@ expandmeta(str)
                 savelastp = exparg.lastp;
                 INTOFF;
                 if (expdir == NULL)
-                       expdir = ckmalloc(1024); /* I hope this is big enough */
+               {
+                       int i = strlen(str->text);
+                       expdir = ckmalloc(i < 2048 ? 2048 : i); /* XXX */
+               }
                 expmeta(expdir, str->text);
                 ckfree(expdir);
                 expdir = NULL;
author	Philip Homburg <philip@cs.vu.nl>
	Wed, 8 Jun 2005 11:05:27 +0000 (11:05 +0000)
committer	Philip Homburg <philip@cs.vu.nl>
	Wed, 8 Jun 2005 11:05:27 +0000 (11:05 +0000)