* filelock.c: Fix some buffer overrun and integer overflow issues.
(get_boot_time): Don't assume that gzip command string fits in 100 bytes. Reformulate so as not to need the command string. Invoke gzip -cd rather than gunzip, as it's more portable. (lock_info_type, lock_file_1, lock_file): Don't assume pid_t and time_t fit in unsigned long. (LOCK_PID_MAX): Remove; we now use more-reliable bounds. (current_lock_owner): Prefer signed type for sizes. Use memcpy, not strncpy, where memcpy is what is really wanted. Don't assume (via atoi) that time_t and pid_t fit in int. Check for time_t and/or pid_t out of range, e.g., via a network share. Don't alloca where an auto var works fine.
Showing with 62 additions and 42 deletions