|
plotJittervsFill copies the -f argument into a 250-byte buffer with
strncpy(..., sizeof(LogFile)). A 250-byte file name leaves the buffer
unterminated, and the subsequent fopen() reads past the end of LogFile.
JitterTest uses the same fixed-size file name pattern for -r, while -c
still silently truncates overlong names and -f already rejects them.
Validate jittertest file name arguments before copying them so these
options all reject overlong input instead of truncating it or reading
past the end of fixed-size buffers.
Add a shell regression test that exercises the accepted and rejected
boundary lengths for plotJittervsFill and JitterTest during make check.
Signed-off-by: Aviv Daum <aviv.daum@gmail.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
