[XFCE 0000039]: potential buffer overflow in src/treeview.c (?)
xfce-bugs at xfce.org
xfce-bugs at xfce.org
Wed Dec 10 14:55:22 CET 2003
The following bug has been ASSIGNED.
=======================================================================
http://bugs.xfce.org/view_bug_page.php?f_id=0000039
=======================================================================
Reporter: jolan
Handler: edscott
=======================================================================
Project: XFCE
Bug ID: 0000039
Category: xffm
Reproducibility: N/A
Severity: minor
Priority: normal
Status: assigned
=======================================================================
Date Submitted: 2003-12-10 07:06 GMT
Last Modified: 2003-12-10 13:55 GMT
=======================================================================
Summary: potential buffer overflow in src/treeview.c (?)
Description:
Was reviewing -Wall and noticed this:
treeview.c:1522: warning: array size (255) is smaller than minimum
required (1024)
char wd[_POSIX_PATH_MAX];
getcwd(wd, _POSIX_PATH_MAX - 1);
from getcwd(3):
The getcwd() function copies the absolute pathname of the current working
directory into the memory referenced by buf and returns a pointer to buf.
The size argument is the size, in bytes, of the array referenced by buf.
I assume this refers to getcwd copying MAXPATHLEN (1024) into
_POSIX_PATH_MAX (255) and overflowing wd.
Not sure if this is correct, patch attached anyway.
=======================================================================
More information about the Xfce-dev
mailing list