From 2e855f409557d34aafb96ab2cc22ebf6d2d381e9 Mon Sep 17 00:00:00 2001 From: Jonas 'Sortie' Termansen Date: Thu, 6 Mar 2014 01:14:40 +0100 Subject: [PATCH] Fix buffer overflow in execvpe(3). --- libc/unistd/execvpe.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libc/unistd/execvpe.cpp b/libc/unistd/execvpe.cpp index 4c696382..028661f4 100644 --- a/libc/unistd/execvpe.cpp +++ b/libc/unistd/execvpe.cpp @@ -1,6 +1,6 @@ /******************************************************************************* - Copyright(C) Jonas 'Sortie' Termansen 2011, 2012, 2013. + Copyright(C) Jonas 'Sortie' Termansen 2011, 2012, 2013, 2014. This file is part of the Sortix C Library. @@ -79,7 +79,7 @@ extern "C" int execvpe(const char* filename, char* const* argv, if ( !fullpath ) return -1; stpcpy(stpcpy(stpncpy(fullpath, path, len), "/"), filename); - if ( (path += len + 1)[0] == ':' ) + if ( (path += len)[0] == ':' ) path++; execve(fullpath, argv, envp);