"lux" <lx@shellcodes.org> writes:

> I rewrote this code, not use system(1).

Thanks.

> From d6bc71f8640efe7caa2657a75c5aa4d8b4f0532c Mon Sep 17 00:00:00 2001
> From: lu4nx <lx@shellcodes.org>
> Date: Fri, 25 Nov 2022 14:38:29 +0800
> Subject: [PATCH] * Fixed lib-src/etags.c command execute vulnerability
>
> ---
>  lib-src/etags.c | 44 +++++++++++++++++++++++++++++++-------------
>  1 file changed, 31 insertions(+), 13 deletions(-)
>
> diff --git a/lib-src/etags.c b/lib-src/etags.c
> index f665f35fa6..1bb352f565 100644
> --- a/lib-src/etags.c
> +++ b/lib-src/etags.c
> @@ -1387,9 +1387,11 @@ main (int argc, char **argv)
>    /* From here on, we are in (CTAGS && !cxref_style) */
>    if (update)
>      {
> -      char *cmd =
> - xmalloc (strlen (tagfile) + whatlen_max +
> - sizeof "mv..OTAGS;grep -Fv '\t\t' OTAGS >;rm OTAGS");
> +      FILE *otags_f, *tag_f;
> +      int buf_len;
> +      char *buf;
> +      char line[512];

> Hmm, I'm not sure about the hard-coded 512 character line limit here.
> ISTR that some people use much longer lines than that.

Hi, do you have any suggestions? At present, I think hardcoding 512 is enough, thanks :-)