[X2Go-Commits] [nx-libs] 03/29: Dialog.c: fix possible buffer overflows
git-admin at x2go.org
git-admin at x2go.org
Sun Jan 7 01:30:58 CET 2018
This is an automated email from the git hooks/post-receive script.
x2go pushed a commit to branch 3.6.x
in repository nx-libs.
commit 3de6bc7490ff6907cd0203c6143a75588458dbb9
Author: Ulrich Sibiller <uli42 at gmx.de>
Date: Thu Nov 23 23:18:44 2017 +0100
Dialog.c: fix possible buffer overflows
Fix write past the end of singlePath if PATH contains dirs longer than PATH_MAX.
---
nx-X11/programs/Xserver/hw/nxagent/Display.c | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/nx-X11/programs/Xserver/hw/nxagent/Display.c b/nx-X11/programs/Xserver/hw/nxagent/Display.c
index f523dac..d4e0320 100644
--- a/nx-X11/programs/Xserver/hw/nxagent/Display.c
+++ b/nx-X11/programs/Xserver/hw/nxagent/Display.c
@@ -1842,6 +1842,13 @@ static FILE *nxagentLookForIconFile(char *iconName, const char *permission,
if (end != NULL)
{
+ if ((end - path) > sizeof(singlePath) - 1)
+ {
+ fprintf(stderr, "Warning: Path too long - ignored.\n");
+ path = end + 1;
+ continue;
+ }
+
strncpy(singlePath, path, (unsigned long)(end - path));
singlePath[(unsigned long)(end - path)] = '\0';
@@ -1850,6 +1857,12 @@ static FILE *nxagentLookForIconFile(char *iconName, const char *permission,
}
else
{
+ if (strlen(path) > sizeof(singlePath) - 1)
+ {
+ fprintf(stderr, "Error: Path too long.\n");
+ return NULL;
+ }
+
strcpy(singlePath, path);
breakLoop = 1;
--
Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/nx-libs.git
More information about the x2go-commits
mailing list