From 44deb68ce1259e1c5c79de7c5d4b2b05d07cf82d Mon Sep 17 00:00:00 2001
From: Nikolaus Rath <Nikolaus@rath.org>
Date: Fri, 11 May 2018 14:56:45 +0100
Subject: add_arg(): check for overflow

Fixes: #222.
---
 util/mount.fuse.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/util/mount.fuse.c b/util/mount.fuse.c
index 3f498db..169fe53 100644
--- a/util/mount.fuse.c
+++ b/util/mount.fuse.c
@@ -13,6 +13,7 @@
 #include <string.h>
 #include <unistd.h>
 #include <errno.h>
+#include <stdint.h>
 
 static char *progname;
 
@@ -40,6 +41,10 @@ static void add_arg(char **cmdp, const char *opt)
 {
 	size_t optlen = strlen(opt);
 	size_t cmdlen = *cmdp ? strlen(*cmdp) : 0;
+	if (optlen >= (SIZE_MAX - cmdlen - 4)/4) {
+		fprintf(stderr, "%s: argument too long\n", progname);
+		exit(1);
+	}
 	char *cmd = xrealloc(*cmdp, cmdlen + optlen * 4 + 4);
 	char *s;
 	s = cmd + cmdlen;
-- 
cgit v1.2.3