From c32ddd9665e9fe7d21cfe3195c9d58d9aaf784fd Mon Sep 17 00:00:00 2001
From: Karol Babioch <karol@babioch.de>
Date: Fri, 4 May 2018 17:01:38 +0200
Subject: [PATCH] Limit action length when parsing arguments

This limits the allowable action length when arguments are parsed to
ACTION_MAX_LEN, since this might be exploited otherwise.
---
 ykpamcfg.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/ykpamcfg.c b/ykpamcfg.c
index a2a4bbf..6b93463 100644
--- a/ykpamcfg.c
+++ b/ykpamcfg.c
@@ -105,7 +105,10 @@ parse_args(int argc, char **argv,
       *slot = 2;
       break;
     case 'A':
-      snprintf(*action, ACTION_MAX_LEN, "%s", optarg);
+      if (snprintf(*action, ACTION_MAX_LEN, "%s", optarg) >= ACTION_MAX_LEN) {
+        fprintf(stderr, "action too long: %s\n", optarg);
+        exit(1);
+      }
       break;
     case 'p':
       *output_dir = optarg;