[Goodies-dev] [Bug 11328] New: Array out of bounds write in xfce4-netload-plugin

Sun Nov 23 20:29:13 CET 2014

https://bugzilla.xfce.org/show_bug.cgi?id=11328

            Bug ID: 11328
           Summary: Array out of bounds write in xfce4-netload-plugin
    Classification: Panel Plugins
           Product: Xfce4-netload-plugin
           Version: git
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: Medium
         Component: General
          Assignee: frivoal at xfce.org
          Reporter: gber at opensuse.org
        QA Contact: goodies-dev at xfce.org
                CC: mmassonnet at xfce.org

Created attachment 5769
  --> https://bugzilla.xfce.org/attachment.cgi?id=5769&action=edit
Fix array out of bounds write

xfce4-netload-plugin does an array out of bounds write when trying to ensure
nul-termination panel-plugin/net.c:

    strncpy( data->ifdata.if_name, device, INTERFACE_NAME_LENGTH);
    data->ifdata.if_name[INTERFACE_NAME_LENGTH] = '\0';

where the size of ifdata.if_name is INTERFACE_NAME_LENGTH. See attached patch
for a fix.

-- 
You are receiving this mail because:
You are the QA Contact for the bug.