arno
/
hashcat
mirror of https://github.com/hashcat/hashcat.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #1108 from philsmd/master

Browse Source 
tainted string: test number 2, try to limit the length of the compute variable
pull/1109/head
Jens Steube 8 years ago committed by GitHub
parent 7858f37800 d21fbe0b2f
commit add3ec6f54
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File

12
src/shared.c
Unescape View File

@ -258,18 +258,18 @@ void setup_environment_variables ()
{ {
static char display[100]; static char display[100];
snprintf (display, sizeof (display) - 1, "DISPLAY=%s", compute); u32 compute_len_max = sizeof (display);
// we only use this check to avoid "tainted string" warnings // we only use this check to avoid "tainted string" warnings
u32 display_len_max = sizeof (display); u32 compute_len = strnlen (compute, compute_len_max);
u32 display_len = strnlen (display, display_len_max); if (compute_len > 0) // should be always true
if (display_len > 0) // should be always true
{ {
if (display_len < display_len_max) // some upper bound is always good if (compute_len < compute_len_max) // some upper bound is always good
{ {
snprintf (display, compute_len_max, "DISPLAY=%s", compute);
putenv (display); putenv (display);
} }
} }

Write Preview
Loading…
Cancel
Save