• Paul Eggert's avatar
    * filelock.c: Fix some buffer overrun and integer overflow issues. · 882f0d81
    Paul Eggert authored
    (get_boot_time): Don't assume that gzip command string fits in 100 bytes.
    Reformulate so as not to need the command string.
    Invoke gzip -cd rather than gunzip, as it's more portable.
    (lock_info_type, lock_file_1, lock_file):
    Don't assume pid_t and time_t fit in unsigned long.
    (LOCK_PID_MAX): Remove; we now use more-reliable bounds.
    (current_lock_owner): Prefer signed type for sizes.
    Use memcpy, not strncpy, where memcpy is what is really wanted.
    Don't assume (via atoi) that time_t and pid_t fit in int.
    Check for time_t and/or pid_t out of range, e.g., via a network share.
    Don't alloca where an auto var works fine.
ChangeLog 192 KB