From e7ad411b1a8fcd7f3cdf4a81a05aa9fc19575211 Mon Sep 17 00:00:00 2001
From: "B. Watson" <urchlay@slackware.uk>
Date: Sat, 13 Jul 2024 02:51:08 -0400
Subject: listbas: avoid buffer overflow if too many spaces in LISTBAS_OPTS.

---
 listbas.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/listbas.c b/listbas.c
index 515d264..4a6c0a8 100644
--- a/listbas.c
+++ b/listbas.c
@@ -140,10 +140,12 @@ void parse_args(int argc, char **argv, int from_env) {
 	}
 }
 
+#define ENV_MAX_ARGS 64
+
 /* make a fake argv and argc */
 void parse_env_args(void) {
 	int fargc;
-	char *fargv[10];
+	char *fargv[ENV_MAX_ARGS + 1];
 	char *env, *p;
 
 	env = getenv(ENV_OPTS);
@@ -159,6 +161,10 @@ void parse_env_args(void) {
 	for(p = env; *p; p++) {
 		if(*p == ' ' || *p == '\t') {
 			*p = '\0';
+			if(fargc == ENV_MAX_ARGS) {
+				fprintf(stderr, "%s: too many spaces in LISTBAS_OPTS (max %d)\n", self, ENV_MAX_ARGS - 1);
+				break;
+			}
 			fargv[fargc++] = p + 1;
 		}
 	}
-- 
cgit v1.2.3