Buffer overflow in fonts.c


Author

Yoshiaki Kasahara

Synopsis

When I was trying to compile the source from svn on my FreeBSD box, I noticed one of the port-local patches wasn't incorporated into the svn tree. The following patch is for the stock 1.3 release, but it should be applied to the svn source, too.

Patch

--- src/fonts.c.orig    Sun Nov  3 22:00:36 2002
+++ src/fonts.c Wed Feb  8 04:22:13 2006
@@ -131,7 +131,7 @@
            if (end == 0)
                end = p + strlen (p);
            len = end - (p + 1);
-           buf = malloc (len);
+           buf = malloc (len + 1);
            memcpy (buf, p + 1, len);
            buf[len] = 0;
            return buf;
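
Review bot: the result of `malloc (len + 1)` on the `+` line is passed straight to `memcpy` and then written through `buf[len] = 0` with no NULL check, so an allocation failure would be dereferenced; handle a NULL return before the copy. The size change itself is required by the visible lines: `buf[len] = 0` writes index `len`, which is one byte past the end of a `len`-byte allocation, so `len + 1` is the right size for the `len` copied bytes plus the terminator.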

Community's reasons for inclusion or rejection

Yes vote: yes. Thanks, better to use one byte more than to have a buffer overflow. Applied. But before making 1.3.2 I'll check with valgrind nevertheless, because from reading the code in this place I'm not 100% sure that it's needed. If valgrind says that it's not needed, I'll revert it. Janek Kozicki 16:24, 29 July 2007 (UTC)
