# HG changeset patch # User Claus Gittinger # Date 884611317 -3600 # Node ID 4f37ae9c89618479361e2cde23b475185d93469d # Parent 212a539ee379606abdab416e19ba4d1302fe818d use strncpy to avoid buffer-overruns diff -r 212a539ee379 -r 4f37ae9c8961 DirStr.st --- a/DirStr.st Mon Jan 12 14:20:30 1998 +0100 +++ b/DirStr.st Mon Jan 12 14:21:57 1998 +0100 @@ -596,15 +596,19 @@ if (__INST(dirPointer) == nil) { path = __INST(pathName); if (__isString(path)) { - strcpy(pattern, __stringVal(path)); - strcat(pattern, "\\*"); - d = FindFirstFile(pattern, &data); - if (d == INVALID_HANDLE_VALUE) { - __INST(lastErrorNumber) = __MKSMALLINT(GetLastError()); - } else { - __INST(dirPointer) = dp = __MKEXTERNALADDRESS(d); __STORE(self, dp); - entry = __MKSTRING( data.cFileName ); - ok = true; + int l = __stringSize(path); + + if (l < (sizeof(pattern)-4)) { + strncpy(pattern, __stringVal(path), l); + strcpy(pattern+l, "\\*"); + d = FindFirstFile(pattern, &data); + if (d == INVALID_HANDLE_VALUE) { + __INST(lastErrorNumber) = __MKSMALLINT(GetLastError()); + } else { + __INST(dirPointer) = dp = __MKEXTERNALADDRESS(d); __STORE(self, dp); + entry = __MKSTRING( data.cFileName ); + ok = true; + } } } } @@ -673,5 +677,5 @@ !DirectoryStream class methodsFor:'documentation'! version - ^ '$Header: /cvs/stx/stx/libbasic/Attic/DirStr.st,v 1.41 1997-10-06 13:27:34 cg Exp $' + ^ '$Header: /cvs/stx/stx/libbasic/Attic/DirStr.st,v 1.42 1998-01-12 13:21:57 cg Exp $' ! ! diff -r 212a539ee379 -r 4f37ae9c8961 DirectoryStream.st --- a/DirectoryStream.st Mon Jan 12 14:20:30 1998 +0100 +++ b/DirectoryStream.st Mon Jan 12 14:21:57 1998 +0100 @@ -596,15 +596,19 @@ if (__INST(dirPointer) == nil) { path = __INST(pathName); if (__isString(path)) { - strcpy(pattern, __stringVal(path)); - strcat(pattern, "\\*"); - d = FindFirstFile(pattern, &data); - if (d == INVALID_HANDLE_VALUE) { - __INST(lastErrorNumber) = __MKSMALLINT(GetLastError()); - } else { - __INST(dirPointer) = dp = __MKEXTERNALADDRESS(d); __STORE(self, dp); - entry = __MKSTRING( data.cFileName ); - ok = true; + int l = __stringSize(path); + + if (l < (sizeof(pattern)-4)) { + strncpy(pattern, __stringVal(path), l); + strcpy(pattern+l, "\\*"); + d = FindFirstFile(pattern, &data); + if (d == INVALID_HANDLE_VALUE) { + __INST(lastErrorNumber) = __MKSMALLINT(GetLastError()); + } else { + __INST(dirPointer) = dp = __MKEXTERNALADDRESS(d); __STORE(self, dp); + entry = __MKSTRING( data.cFileName ); + ok = true; + } } } } @@ -673,5 +677,5 @@ !DirectoryStream class methodsFor:'documentation'! version - ^ '$Header: /cvs/stx/stx/libbasic/DirectoryStream.st,v 1.41 1997-10-06 13:27:34 cg Exp $' + ^ '$Header: /cvs/stx/stx/libbasic/DirectoryStream.st,v 1.42 1998-01-12 13:21:57 cg Exp $' ! !