diff options
| author | Helge Deller <deller@gmx.de> | 2013-10-09 17:37:38 +0200 |
|---|---|---|
| committer | Helge Deller <deller@gmx.de> | 2013-10-09 17:37:38 +0200 |
| commit | e3a87f4f23988dee9d907193e540fdf341858d9e (patch) | |
| tree | 588dc0f8b767d188afa0c075c00773611ec8737b | |
| parent | 1f1ffa3b0e88511972e947269f968f9b6cdba08c (diff) | |
| download | palo-e3a87f4f23988dee9d907193e540fdf341858d9e.tar.gz | |
Fix the main user interaction function to be able to handle up
to 1024 bytes of Linux kernel command line.
It's important that we ensure that the user does not enter more than 40
(MAX_ARGV) different parameters. If 40 is too low, we can increase this
value at any time, but we need to avoid accessing memory outside of the
argv[] array.
Each kernel parameter (fieldbuf) can now hold up to 200 characters
instead of 79.
As cleanups we have:
- we don't need to pass over the original commandline,
- we simplify some printf() calls and use puts instead.
| -rw-r--r-- | ipl/ipl.c | 30 |
1 files changed, 22 insertions, 8 deletions
@@ -86,7 +86,7 @@ chk_strcat(char *out, char *in, int len, int *ok) int need = strlen(out) + strlen(in) + 1; if (need > len) { - printf("Adding '%s' to\n'%s' exceeds length (%d)\n", in, out, len); + printf("Adding '%s' exceeds length (%d)\n", in, len); *ok = 0; } else @@ -295,25 +295,34 @@ ls(char *path) } static void -interact(char *commandline, int *ok) +interact(int *ok) { - char *argv[40], *p; + #define MAX_ARGV 40 + char *argv[MAX_ARGV], *p; char orig[CMDLINELEN]; const char sep[] = " \t"; char numbuf[4]; - char fieldbuf[79]; + char fieldbuf[200]; int i, argc, editfield; strcpy(orig, commandline); while (1) { - printf("Current command line:\n%s\n", commandline); + puts("Current command line:\n"); + puts(commandline); + puts("\n"); + p = commandline; argc = 0; *ok = 1; do { + if (argc >= MAX_ARGV) + { + argc = MAX_ARGV; + break; + } if ((argv[argc++] = strtok(p, sep)) == NULL) { argc--; @@ -361,9 +370,14 @@ interact(char *commandline, int *ok) editfield = parse_number(numbuf, &p); - if (editfield < argc) + if (editfield >= MAX_ARGV) + { + puts("Too many input fields.\n"); + } + else if (editfield < argc) { - strcpy(fieldbuf, argv[editfield]); + strncpy(fieldbuf, argv[editfield], sizeof(fieldbuf)); + fieldbuf[sizeof(fieldbuf)-1] = '\0'; enter_text(fieldbuf, sizeof fieldbuf - 1); puts("\n"); argv[editfield] = fieldbuf; @@ -531,7 +545,7 @@ iplmain(int is_interactive, char *initialstackptr, int started_wide) } if (interactive) - interact(commandline, &ok); + interact(&ok); /* If we have any failures after this, be sure we're interactive * for the re-start */ |