>From 84bdea30cd7628139e1fb873413877e61eb747ef Mon Sep 17 00:00:00 2001
From: Evan Hanson <address@hidden>
Date: Tue, 1 Jan 2019 10:49:40 +1300
Subject: [PATCH] chicken-do: Avoid buffer overrun when preparing Windows
 command line

---
 chicken-do.c | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)

diff --git a/chicken-do.c b/chicken-do.c
index f4175229..9895d6a8 100644
--- a/chicken-do.c
+++ b/chicken-do.c
@@ -42,6 +42,10 @@
 #define MAX_TARGETS 256
 #define MAX_DEPENDS 1024
 
+#ifdef WIN32
+# define MAX_COMMAND_LEN 32767
+#endif
+
 static char *targets[ MAX_TARGETS ];
 static char *depends[ MAX_DEPENDS ];
 static struct stat tstats[ MAX_TARGETS ];
@@ -75,13 +79,18 @@ static int execute(char **argv)
 #ifdef WIN32
   static PROCESS_INFORMATION process_info;
   static STARTUPINFO startup_info;
+  static TCHAR cmdline[ MAX_COMMAND_LEN ];
+  static int len;
+
   startup_info.cb = sizeof(STARTUPINFO);
-  static TCHAR cmdline[ MAX_PATH ];
 
+  /* quote command arguments */
   while(*argv != NULL) {
-    strcat(cmdline, "\"");
-    strcat(cmdline, *(argv++));
-    strcat(cmdline, "\" ");
+    len += snprintf(cmdline + len, sizeof(cmdline) - len, "\"%s\" ", *(argv++));
+    if(len > sizeof(cmdline)) {
+      fprintf(stderr, "argument list too long\n");
+      exit(1);
+    }
   }
 
   if(!CreateProcess(NULL, cmdline, NULL, NULL, TRUE, 
-- 
2.11.0