From: Jon Trulson Date: Sun, 27 May 2012 00:14:58 +0000 (-0600) Subject: FileUtils.c: fix CERT VU#575804 X-Git-Tag: 2.2.0a~26^2~38 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=8e4e53f4b9c968928ab5ff0e19b12971d870377e;p=oweals%2Fcde.git FileUtils.c: fix CERT VU#575804 --- diff --git a/cde/lib/DtHelp/FileUtils.c b/cde/lib/DtHelp/FileUtils.c index fde078e1..371948d2 100644 --- a/cde/lib/DtHelp/FileUtils.c +++ b/cde/lib/DtHelp/FileUtils.c @@ -453,8 +453,9 @@ char * _DtHelpFileLocate ( /*** this is monstrously inefficient--but it shouldn't get called often ***/ /* get user's current working directory */ - if (getcwd(tmpPath, MAXPATHLEN) == NULL) return NULL; /* RETURN: error */ - + /* JET - CERT VU#575804 */ + if (getcwd(tmpPath, MAXPATHLEN - 1) == NULL) return NULL; /* RETURN: error */ + /* make path end in a slash */ eos = tmpPath + strlen(tmpPath); _DtHelpCeStrrchr(tmpPath,DirSlashStr,MB_CUR_MAX,&slash); @@ -530,7 +531,9 @@ char * _DtHelpFileLocate ( *ptr = EOS; /* compress that path */ - strcpy(tmpPath,curPath); + /* JET - CERT VU#575804 */ + strncpy(tmpPath, curPath, MAXPATHLEN); + _DtHelpCeCompressPathname(tmpPath); /* test all suffixes */