Magic-Mirror/radare2
1
0
Fork 0
mirror of https://github.com/radareorg/radare2.git synced 2025-04-01 17:11:51 +00:00
Code Issues Actions 5 Packages Projects Releases Wiki Activity

Fix possible command overflow #r2agent (#15293)

Browse Source 
Detected with asan on macOS.
This commit is contained in:
David CARLIER 2019-10-17 01:30:02 +01:00 committed by radare
parent 9466e1cd71
commit cbc5c77813
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
libr/main/r2agent.c
View File

@ -151,14 +151,15 @@ R_API int r_main_r2agent(int argc, char **argv) {
int session_port = 3000 + r_num_rand (1024);
char *filename = rs->path + 11;
char *escaped_filename = r_str_escape (filename);
int escaped_len = strlen (escaped_filename);
size_t escaped_len = strlen (escaped_filename);
size_t cmd_len = escaped_len + 40;
char *cmd;
if (!(cmd = malloc (escaped_len + 40))) {
if (!(cmd = malloc (cmd_len))) {
perror ("malloc");
return 1;
}
sprintf (cmd, "r2 -q %s-e http.port=%d -c=h \"%s\"",
snprintf (cmd, cmd_len, "r2 -q %s-e http.port=%d -c=h \"%s\"",
listenlocal? "": "-e http.bind=public ",
session_port, escaped_filename);