texlive[50057] Build/source/texk/makejvf: makejvf: more security fix

commits+hironobu at tug.org commits+hironobu at tug.org
Tue Feb 19 12:35:58 CET 2019 

Revision: 50057
          http://tug.org/svn/texlive?view=revision&revision=50057
Author:   hironobu
Date:     2019-02-19 12:35:57 +0100 (Tue, 19 Feb 2019)
Log Message:
-----------
makejvf: more security fix

Modified Paths:
--------------
    trunk/Build/source/texk/makejvf/ChangeLog
    trunk/Build/source/texk/makejvf/tfmread.c
    trunk/Build/source/texk/makejvf/write.c

Modified: trunk/Build/source/texk/makejvf/ChangeLog
===================================================================
--- trunk/Build/source/texk/makejvf/ChangeLog	2019-02-19 10:55:59 UTC (rev 50056)
+++ trunk/Build/source/texk/makejvf/ChangeLog	2019-02-19 11:35:57 UTC (rev 50057)
@@ -1,6 +1,7 @@
 2019-02-19  Hironobu Yamashita  <h.y.acetaminophen at gmail.com>
 
-	* tfmread.c, tool.c: Avoid compiler warnings.
+	* tfmread.c, tool.c: Avoid compiler warnings for fgetc().
+	* tfmread.c, write.c: Security fix for too long file names.
 	* write.c (writevfu): Removed unnecessary conditionals.
 	Thanks to @ngothan for a report by covscan.
 	https://github.com/TeX-Live/texlive-source/issues/11

Modified: trunk/Build/source/texk/makejvf/tfmread.c
===================================================================
--- trunk/Build/source/texk/makejvf/tfmread.c	2019-02-19 10:55:59 UTC (rev 50056)
+++ trunk/Build/source/texk/makejvf/tfmread.c	2019-02-19 11:35:57 UTC (rev 50057)
@@ -96,6 +96,10 @@
 	char nbuff[1024];
 	FILE *fp;
 
+	if (strlen(name) >= 1020) { /* <buffer size> - ".tfm" */
+		fprintf(stderr,"Too long input file name.\n");
+		exit(1);
+	}
 	strcpy(nbuff,name);
 	fp = fopen(nbuff,"rb");
 	if (fp == NULL) {
@@ -103,7 +107,7 @@
 		fp = fopen(nbuff,"rb");
 		if (fp == NULL) {
 			fprintf(stderr,"%s is not found.\n",name);
-			exit(0);
+			exit(1);
 		}
 	}
 

Modified: trunk/Build/source/texk/makejvf/write.c
===================================================================
--- trunk/Build/source/texk/makejvf/write.c	2019-02-19 10:55:59 UTC (rev 50056)
+++ trunk/Build/source/texk/makejvf/write.c	2019-02-19 11:35:57 UTC (rev 50057)
@@ -794,6 +794,10 @@
 	FILE *fp;
 	int i;
 
+	if (strlen(name) >= 252) { /* <buffer size> - ".tfm" */
+		fprintf(stderr,"Too long output file name.\n");
+		exit(1);
+	}
 	strcpy(nbuf,name);
 	strcat(nbuf,".tfm");
 	fp = fopen(nbuf,"wb");

More information about the tex-live-commits mailing list