X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/aa3378df3cc7da00b8f93569d0c88f0c626ddb18..aff51935734441207923b8e59fbc3644fc4e7d2c:/tildexpand.c diff --git a/tildexpand.c b/tildexpand.c index 06f397c1..cbe98114 100644 --- a/tildexpand.c +++ b/tildexpand.c @@ -2,14 +2,20 @@ * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved - * Created: Wed Jul 12 01:07:36 1995 ylo + * + * As far as I am concerned, the code I have written for this software + * can be used freely for any purpose. Any derived versions of this + * software must be clearly marked as such, and if the derived work is + * incompatible with the protocol description in the RFC file, it must be + * called by a name other than "ssh" or "Secure Shell". */ #include "includes.h" -RCSID("$Id$"); +RCSID("$OpenBSD: tildexpand.c,v 1.13 2002/06/23 03:25:50 deraadt Exp $"); #include "xmalloc.h" -#include "ssh.h" +#include "log.h" +#include "tildexpand.h" /* * Expands tildes in the file name. Returns data allocated by xmalloc. @@ -19,10 +25,11 @@ char * tilde_expand_filename(const char *filename, uid_t my_uid) { const char *cp; - unsigned int userlen; + u_int userlen; char *expanded; struct passwd *pw; char user[100]; + int len; /* Return immediately if no tilde. */ if (filename[0] != '~') @@ -56,7 +63,11 @@ tilde_expand_filename(const char *filename, uid_t my_uid) return xstrdup(pw->pw_dir); } /* Build a path combining the specified directory and path. */ - expanded = xmalloc(strlen(pw->pw_dir) + strlen(cp + 1) + 2); - sprintf(expanded, "%s/%s", pw->pw_dir, cp + 1); + len = strlen(pw->pw_dir) + strlen(cp + 1) + 2; + if (len > MAXPATHLEN) + fatal("Home directory too long (%d > %d", len-1, MAXPATHLEN-1); + expanded = xmalloc(len); + snprintf(expanded, len, "%s%s%s", pw->pw_dir, + strcmp(pw->pw_dir, "/") ? "/" : "", cp + 1); return expanded; }