--- texk/makeindexk/mkind.c +++ texk/makeindexk/mkind.c 2007-02-06 13:43:26.000000000 +0100 @@ -179,7 +179,9 @@ char *argv[]; argc--; if (argc <= 0) FATAL("Expected -p \n",""); - strcpy(pageno, *++argv); + if (strlen(*++argv) >= sizeof(pageno)) + FATAL("Page number too high\n",""); + strcpy(pageno, *argv); init_page = TRUE; if (STREQ(pageno, EVEN)) { log_given = TRUE; @@ -227,10 +229,10 @@ char *argv[]; if (fn_no == 0 && !sty_given) { - char tmp[STRING_MAX + 5]; + char tmp[STRING_MAX]; /* base set by last call to check_idx */ - sprintf (tmp, "%s%s", base, INDEX_STY); + snprintf (tmp, sizeof(tmp), "%s%s", base, INDEX_STY); if (0 == access(tmp, R_OK)) { open_sty (tmp); sty_given = TRUE; @@ -407,7 +409,7 @@ int open_fn; if ((idx_fn = (char *) malloc(STRING_MAX)) == NULL) FATAL("Not enough core...abort.\n", ""); - sprintf(idx_fn, "%s%s", base, INDEX_IDX); + snprintf(idx_fn, STRING_MAX, "%s%s", base, INDEX_IDX); if ((open_fn && ((idx_fp = OPEN_IN(idx_fn)) == NULL) ) || @@ -434,7 +436,7 @@ int log_given; /* index output file */ if (!ind_given) { - sprintf(ind, "%s%s", base, INDEX_IND); + snprintf(ind, sizeof(ind), "%s%s", base, INDEX_IND); ind_fn = ind; } if ((ind_fp = OPEN_OUT(ind_fn)) == NULL) @@ -442,14 +444,14 @@ int log_given; /* index transcript file */ if (!ilg_given) { - sprintf(ilg, "%s%s", base, INDEX_ILG); + snprintf(ilg, sizeof(ilg), "%s%s", base, INDEX_ILG); ilg_fn = ilg; } if ((ilg_fp = OPEN_OUT(ilg_fn)) == NULL) FATAL("Can't create transcript file %s.\n", ilg_fn); if (log_given) { - sprintf(log_fn, "%s%s", base, INDEX_LOG); + snprintf(log_fn, sizeof(log_fn), "%s%s", base, INDEX_LOG); if ((log_fp = OPEN_IN(log_fn)) == NULL) { FATAL("Source log file %s not found.\n", log_fn); } else { @@ -505,6 +507,9 @@ char *fn; if ((found = kpse_find_file (fn, kpse_ist_format, 1)) == NULL) { FATAL("Index style file %s not found.\n", fn); } else { + if (strlen(found) >= sizeof(sty_fn)) { + FATAL("Style file %s too long.\n", found); + } strcpy(sty_fn,found); if ((sty_fp = OPEN_IN(sty_fn)) == NULL) { FATAL("Could not open style file %s.\n", sty_fn); @@ -512,6 +517,9 @@ char *fn; } #else if ((path = getenv(STYLE_PATH)) == NULL) { + if (strlen(fn) >= sizeof(sty_fn)) { + FATAL("Style file %s too long.\n", fn); + } /* style input path not defined */ strcpy(sty_fn, fn); sty_fp = OPEN_IN(sty_fn); --- texk/makeindexk/mkind.h +++ texk/makeindexk/mkind.h 2007-02-06 13:42:38.000000000 +0100 @@ -322,7 +322,7 @@ ensuing. #ifdef LINE_MAX /* IBM RS/6000 AIX has this in */ #undef LINE_MAX #endif -#define LINE_MAX 72 /* maximum output line length (longer */ +#define LINE_MAX _POSIX2_LINE_MAX /* maximum output line length (longer */ /* ones wrap if possible) */ #define NUMBER_MAX 16 /* maximum digits in a Roman or Arabic */ @@ -337,7 +337,7 @@ ensuing. #define ROMAN_MAX 16 /* maximum length of Roman page number */ /* field */ -#define STRING_MAX 256 /* maximum length of host filename */ +#define STRING_MAX _POSIX2_LINE_MAX /* maximum length of host filename */ /*====================================================================*/